Skip to content
View supun2001's full-sized avatar
๐Ÿ˜Ž
Open to work
๐Ÿ˜Ž
Open to work
4 followers · 4 following

Achievements

Achievement: Pull Shark

Achievements

Achievement: Pull Shark

Highlights

  • Pro

Block or report supun2001

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
supun2001/README.md

๐Ÿ‘‹ Hi, Iโ€™m Supun Hasanka

๐Ÿง‘โ€๐Ÿ’ป Who Am I?

Iโ€™m Supun Hasanka, a cybersecurity learner and SOC-focused practitioner currently pursuing my MSc in Cybersecurity at the University of the West of Scotland (UWS), Scotland.

I hold a BSc (Hons) in Software Engineering (2:1) and have a strong interest in building practical, real-world security skills that bridge offensive and defensive security.

I enjoy working on hands-on labs, security research, and projects that simulate real SOC and attacker scenarios.

๐Ÿš€ What Iโ€™m Currently Doing

  • Pursuing MSc in Cybersecurity (2025 - 2026)
  • Actively participating in the HackerOne Bug Bounty Program as a beginner
    (profile link)
  • Building SOC-style labs (SIEM, detection, log analysis)
  • Developing secure web applications using MERN stacks
  • Building personalized AI projects for automation and analysis

๐Ÿ› ๏ธ Tools & Technologies I Use

๐Ÿ” Bug Bounty & Offensive Security

  • Burp Suite
  • CAIDO
  • Nmap
  • OWASP ZAP
  • Amass
  • Subfinder
  • FFUF
  • HTTPX
  • Personalized own python scripts
  • HackerOne platform

๐Ÿ›ก๏ธ SOC & Blue Team

  • Wazuh (SIEM / EDR)
  • OpenSearch / Dashboards
  • OpenCanary
  • Canarytokens
  • Wireshark
  • Sysmon
  • MITRE ATT&CK framework

๐Ÿฆ  Malware Analysis & Threat Research

  • YARA
  • VirusTotal
  • PEStudio
  • Ghidra (basic analysis)
  • Static & dynamic analysis concepts
  • Sandbox-based analysis workflows

๐Ÿ’ป Software Engineering & Development

  • MERN Stack (MongoDB, Express.js, React, Node.js)
  • Python
  • REST API design
  • Authentication & authorization
  • Secure backend development
  • Docker (basic usage)
  • Git & GitHub

๐Ÿ“ Software Engineering Concepts

  • Object-Oriented Programming (OOP)
  • Software Development Life Cycle (SDLC)
  • Secure coding principles
  • API security
  • Design patterns (basic understanding)

๐Ÿงช What Youโ€™ll Find in My Repositories/Portfolio

  • SOC-style detection and investigation labs
  • Deception engineering (honeypots & traps)
  • Bug bounty learning notes and labs
  • Secure backend and full-stack projects
  • Final year and academic projects
  • Documentation-focused, reproducible setups

โš ๏ธ All security work is ethical, legal, and permission-based.
No malware, no exploitation of real organisations, no harm.

๐Ÿ“ซ How to Reach Me

If you find my projects useful, feel free to star or fork them!
Iโ€™m always learning, experimenting, and improving

Pinned Loading

  1. pen-testing pen-testing Public

    A collection of ethical penetration testing automation scripts for OAuth/Auth0 testing, security header analysis, JWT token inspection, and web application misconfiguration detection.

    Python

  2. ai-log-Analyzer ai-log-Analyzer Public

    An AI-powered security log analysis tool that ingests Wazuh JSON alerts and automatically detects suspicious activity. The system explains what happened, why it matters, and provides clear remediatโ€ฆ

    JavaScript

  3. sumarly sumarly Public

    A smart summarization tool that automatically generates concise summaries from large text sources, improving reading efficiency and content comprehension.

    JavaScript

  4. ai-admin ai-admin Public

    A suite of AI-powered administrative tools that automate email management and phone interactions using cutting-edge Generative AI models.

    Python