Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings
@supun2001
supun2001
Follow
View supun2001's full-sized avatar
😎
Open to work

Supun hasanka supun2001

😎
Open to work
MSc Cybersecurity student at UWS Scotland | BSc (Hons) in Software Engineering at Plymouth | SOC labs, bug bounty hunting, and AI projects enthusiast

Highlights

  • Pro

Block or report supun2001

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
supun2001 /README.md

πŸ‘‹ Hi, I’m Supun Hasanka

πŸ§‘β€πŸ’» Who Am I?

I’m Supun Hasanka, a cybersecurity learner and SOC-focused practitioner currently pursuing my MSc in Cybersecurity at the University of the West of Scotland (UWS), Scotland.

I hold a BSc (Hons) in Software Engineering (2:1) and have a strong interest in building practical, real-world security skills that bridge offensive and defensive security.

I enjoy working on hands-on labs, security research, and projects that simulate real SOC and attacker scenarios.

πŸš€ What I’m Currently Doing

  • Pursuing MSc in Cybersecurity (2025 - 2026)
  • Actively participating in the HackerOne Bug Bounty Program as a beginner
    (profile link)
  • Building SOC-style labs (SIEM, detection, log analysis)
  • Developing secure web applications using MERN stacks
  • Building personalized AI projects for automation and analysis

πŸ› οΈ Tools & Technologies I Use

πŸ” Bug Bounty & Offensive Security

  • Burp Suite
  • CAIDO
  • Nmap
  • OWASP ZAP
  • Amass
  • Subfinder
  • FFUF
  • HTTPX
  • Personalized own python scripts
  • HackerOne platform

πŸ›‘οΈ SOC & Blue Team

  • Wazuh (SIEM / EDR)
  • OpenSearch / Dashboards
  • OpenCanary
  • Canarytokens
  • Wireshark
  • Sysmon
  • MITRE ATT&CK framework

🦠 Malware Analysis & Threat Research

  • YARA
  • VirusTotal
  • PEStudio
  • Ghidra (basic analysis)
  • Static & dynamic analysis concepts
  • Sandbox-based analysis workflows

πŸ’» Software Engineering & Development

  • MERN Stack (MongoDB, Express.js, React, Node.js)
  • Python
  • REST API design
  • Authentication & authorization
  • Secure backend development
  • Docker (basic usage)
  • Git & GitHub

πŸ“ Software Engineering Concepts

  • Object-Oriented Programming (OOP)
  • Software Development Life Cycle (SDLC)
  • Secure coding principles
  • API security
  • Design patterns (basic understanding)

πŸ§ͺ What You’ll Find in My Repositories/Portfolio

  • SOC-style detection and investigation labs
  • Deception engineering (honeypots & traps)
  • Bug bounty learning notes and labs
  • Secure backend and full-stack projects
  • Final year and academic projects
  • Documentation-focused, reproducible setups

⚠️ All security work is ethical, legal, and permission-based.
No malware, no exploitation of real organisations, no harm.

πŸ“« How to Reach Me

If you find my projects useful, feel free to star or fork them!
I’m always learning, experimenting, and improving

Pinned Loading

  1. pen-testing pen-testing Public

    A collection of ethical penetration testing automation scripts for OAuth/Auth0 testing, security header analysis, JWT token inspection, and web application misconfiguration detection.

    Python

  2. ai-log-Analyzer ai-log-Analyzer Public

    An AI-powered security log analysis tool that ingests Wazuh JSON alerts and automatically detects suspicious activity. The system explains what happened, why it matters, and provides clear remediat...

    JavaScript

  3. sumarly sumarly Public

    A smart summarization tool that automatically generates concise summaries from large text sources, improving reading efficiency and content comprehension.

    JavaScript

  4. ai-admin ai-admin Public

    A suite of AI-powered administrative tools that automate email management and phone interactions using cutting-edge Generative AI models.

    Python

AltStyle γ«γ‚ˆγ£γ¦ε€‰ζ›γ•γ‚ŒγŸγƒšγƒΌγ‚Έ (->γ‚ͺγƒͺγ‚ΈγƒŠγƒ«) /