Software Engineer · Ethical Hacker · Sri Lanka

Tharindu Yehan
Bandara.

scroll

Portfolio — 2026

Developer, Designer,
and Penetration Tester.

Building things for the web from Sri Lanka — blending full‑stack development, design precision, and offensive security research. Focused on clean craft and clear intent.

2026

Present

Software Engineer — Open to opportunities

Actively building in web, mobile, and offensive security. Continuing open-source contributions and security research.

Full-Stack Cybersecurity Open Source

GitHub → LinkedIn → Contact →

2025

Degree · Research

BSc (Hons) Software Engineering — KDU

General Sir John Kotelawala Defence University · GPA 3.7

Graduated with GPA 3.7. Final year thesis: WiFiGuardian — a Wi-Fi security assessment tool integrating LLM-based advisory with network attack simulation, helping users understand and harden their wireless networks.

LLM Network Security PyQt6 Aircrack-ng

WiFiGuardian → KDU →

2025

Internship

Security Software Engineering Intern — VSIS

Completed industry internship at VSIS, working on real-world software engineering challenges across the stack.

Internship Industry

2024

CTF · Recognition

Top 100 Global — HackTheBox

Ranked in the top 100 globally on HackTheBox, competing against thousands of security researchers and penetration testers worldwide. Published exploit PoC writeups across multiple machines.

HackTheBox Penetration Testing Exploit Dev

HTB Profile → PoC Writeups →

2024

Community

IEEE Student Branch Website — KDU

Designed and developed the inaugural IEEE Student Branch website for KDU, launched at the Annual General Meeting on 07 May 2024.

IEEE Web Development Bootstrap PHP

View Project →

2023

Open Source

Security Tools — SocialPhish, WordBreak & more

Built and released multiple open-source security tools used by researchers worldwide. SocialPhish 3.0 — a phishing awareness framework — grew organically to many GitHub stars with a global following. WordBreak, a password auditing utility, and several other offensive tools followed.

Bash Python 130+ Stars Open Source

Tools Page → SocialPhish → WordBreak →

2023

Responsible Disclosure

Vulnerability Research — KDU Systems

Identified and responsibly disclosed critical vulnerabilities in university infrastructure — including the internal LMS and web portal. Findings included privilege escalation flaws that allowed admin account creation. All issues were reported to the institution and subsequently patched.

Web Security Responsible Disclosure LMS

2022

Open Source

Hacktoberfest 2022

Participated in Hacktoberfest 2022, earning digital badges and physical swag for open-source contributions.

Hacktoberfest Open Source

Badges → GitHub →

2022

University

University Entrance — KDU Intake 39

Enrolled at General Sir John Kotelawala Defence University to read for a BSc (Hons) in Software Engineering.

KDU Engineering

KDU →

2020

Community · Hacktivism

AnonOps — Operations

Joined the global AnonOps network via IRC, contributing to awareness campaigns including #OpSaveTheWorld. Became country channel operator under the alias **********@haunting.your.network — an early chapter in understanding decentralized communities and network culture.

IRC Network Culture Hacktivism

2020

Advanced Levels

A/L — Combined Mathematics Stream

Completed Advanced Levels in the Combined Mathematics stream, building the analytical foundation that would shape an engineering and security mindset.

Mathematics Physics

2015

Origin

Where it began

Curiosity kicked in early — pulling apart how systems work, writing bat scripts, tinkering with networks, staying up late to understand things nobody taught in class. The curiosity never stopped.

Self-taught Scripting Curiosity