Offensive CyberSecurity Specialist
Offensive Security Specialist with expertise in Red Teaming, Active Directory exploitation, and EDR evasion. Focused on securing complex enterprise environments through advanced technical research.

About Me
I'm Gangul Weerasinghe, an Offensive Security Specialist dedicated to revealing and mitigating complex security vulnerabilities within enterprise infrastructures.
Currently pursuing a BSc (Hons) in Computer Science (Information & Cyber Security) at SLIIT, I hold industry-recognized certifications like HTB Certified Web Exploitation Specialist (CWES), eLearnSecurity Junior Penetration Tester (eJPT), and Certified Red Team Analyst (CRTA).
My practical experience includes serving as an Undergraduate Trainee at Hatton National Bank PLC and working as a freelance security researcher. Beyond my technical roles, I am actively involved in the security community as a Lead Ambassador for TryHackMe and a Member of the SLIIT FOSS Community.
Expertise
Web Application Security
Advanced exploitation of OWASP Top 10, deep-dive vulnerability research, and API security assessment.
Mobile Security
Security audits for Android and iOS applications, including static and dynamic binary analysis.
Network Security
Internal and external network penetration testing, pivoting, and infrastructure assessment.
Active Directory Security
Exploiting trust relationships, Kerberos attacks, and post-exploitation in Windows environments.
Red Teaming
Simulating real-world adversaries, lateral movement, and EDR/AV evasion techniques.
Digital Forensics
Incident response, artifact analysis, and memory forensics to trace adversary footprints.
Hardware Security
IoT device analysis, firmware dumping, and side-channel attack assessments.
AI Red Teaming
Assessing LLM security, prompt injection, and model inversion attack surfaces.
Technical Projects
Offensive Security & Forensics
CertPyre: AD CS Auditing Framework
Developed a modular security auditing tool designed to identify misconfigurations in Active Directory Certificate Services (AD CS). Currently supports automated enumeration and detection of ESC1 vulnerabilities (Enrollee Supplies Subject), facilitating advanced privilege escalation assessments in enterprise environments.
DroidSnoop: Mobile Forensic Analysis Tool
Engineered a mobile forensics tool for automated security analysis of Android applications. Features automated extraction of local data storage, scanning for hardcoded secrets in Shared Preferences, SQLite database dumping for sensitive keywords, and Firebase misconfiguration checks to identify publicly accessible cloud endpoints.
Hardware Security Attack Simulation Lab
Developed a controlled hardware simulation environment to demonstrate physical layer vulnerabilities, specifically focusing on Man-in-the-Middle (MITM) and Side-Channel attacks. Implemented a Side-Channel simulation capable of leaking secrets via timing and optical channels and built a custom Python CLI dashboard for live monitoring.
Cloud & Defense Systems
CloudSentinel: Enterprise Serverless API Security
Designed a production-grade serverless security framework providing defense-in-depth for cloud-native APIs. Implemented JWT-based IAM, adaptive rate limiting, and a custom threat detection engine (WAF logic) to inspect payloads for SQLi and XSS, paired with a React-based security telemetry dashboard.
Anti-Keylogger Defense System
Built a Windows-based endpoint security tool that utilizes behavioral heuristics and process monitoring to detect and block keylogging activity. Features a glassmorphism-style web dashboard for real-time threat management, risk categorization, and administrative process termination.
AI & Machine Learning for Security
Federated Learning Defense Framework
Developed a production-grade federated learning platform with integrated defenses against Sybil, poisoning, and inference attacks. Implemented a custom PKI-based certificate authority for secure client authentication and deployed microservices using Kubernetes with real-time monitoring through Prometheus and Grafana.
Deep Learning Malware Classification
Built a ResNet-based deep learning model capable of classifying 25 malware families with 95.7% accuracy using image-based malware analysis on the MalIMG dataset. Developed a RESTful API for automated static analysis and real-time malware assessment of uploaded binaries.
Network Anomaly Detection System
Implemented a high-performance network security monitor using Machine Learning to classify traffic into 'Normal' or various attack vectors (DoS, Probe, R2L, U2R). Achieved ~99.5% accuracy through rigorous feature engineering and multi-class classification on the NSL-KDD dataset.
Spam Classifier Using ML
Developed an SMS spam classification system utilizing Multinomial Naive Bayes and N-gram feature extraction. Optimized model performance using GridSearchCV for hyperparameter tuning and implemented a full text-preprocessing pipeline (tokenization, stemming, and stop-word removal).
Software Engineering & Tools
DevSecOps E-Commerce Platform
Designed a secure full-stack e-commerce platform with automated CI/CD pipelines. Integrated CodeQL SAST scanning and Dependabot for supply-chain security, ensuring a robust defensive posture from development through deployment.
Vocabulary PDF Reader (GenAI)
Developed a GenAI-powered platform for interactive PDF reading. Integrated Gemini AI for real-time English-to-Sinhala translation and advanced vocabulary extraction, featuring a searchable dashboard and persistent storage via MongoDB.
Experience
Undergraduate Trainee | Hatton National Bank
Assisting in security operations, threat assessment, and infrastructure monitoring within a leading financial institution. Gaining hands-on experience in enterprise-grade security protocols and defensive strategies.
Blogs
Advanced EDR Evasion Techniques
Exploring modern methods for bypassing endpoint detection systems using custom shellcode loaders.
Mastering Kerberos Exploitation
A deep dive into ticket-based attacks and lateral movement within complex Windows domains.
Contact Me
Secure a consultation or discuss a potential engagement. All communications are strictly confidential.

