Visula Peduruhewage

Detail-oriented and motivated cybersecurity enthusiast with foundational knowledge in network security, threat detection, and incident response. Seeking an Information Security Internship to apply my skills in vulnerability assessment, risk management, and threat mitigation while contributing to the organization's cybersecurity initiatives. Eager to learn and grow in a collaborative environment, with a commitment to maintaining high security standards and supporting the protection of information assets.

• CompTIA Security+
• Google Cybersecurity Specialization

SET Social Engineering Simulation

• Developed and executed a simulated phishing campaign using the Social Engineering Toolkit (SET), crafting realistic emails with malicious links to demonstrate potential security vulnerabilities in end-user behavior. Successfully identified areas of weakness in user training and awareness
• Engineered a targeted mailing attack that sent malicious links to users, simulating real-world social engineering threats. Analyzed user responses and behavior, providing valuable insights for strengthening the organization's email security policies and phishing defense mechanisms
• Created a detailed assessment report with actionable insights and recommendations for improving defenses and response strategies against phishing threats

SQL Injection Exploitation

• Executed SQL Injection attacks in a controlled environment to identify and exploit vulnerabilities in web applications. Developed and tested various payloads to demonstrate potential data breaches and unauthorized access, enhancing understanding of common attack vectors and their impact on database security
• Utilized advanced SQL Injection (SQLi) detection techniques, including manual input validation and automated scanning tools such as SQLMap and Burp Suite, to identify and analyze web application vulnerabilities
• Designed and conducted comprehensive SQL Injection vulnerability assessments, including crafting detailed reports on discovered vulnerabilities and their potential risks. Proposed and implemented remediation strategies such as input validation and parameterized queries to mitigate SQLi risks and strengthen application security

System Configuration Gap Analysis

• Conducted a thorough system configuration gap analysis by comparing current configurations against best practices and industry standards. Identified discrepancies and potential security weaknesses, providing actionable recommendations for aligning systems with organizational and regulatory requirements
• Conducted a thorough system configuration gap analysis by comparing current configurations against best practices and industry standards. Identified discrepancies and potential security weaknesses, providing actionable recommendations for aligning systems with organizational and regulatory requirements

Python Port Scanner 

• Developed a custom port scanner in Python to identify open ports and potential vulnerabilities in networked systems. Implemented features to scan a range of IP addresses and ports, providing real-time feedback on network security status
• Engineered advanced scanning techniques in Python, including TCP SYN and full-connect scans, to detect and classify open ports. Enhanced the scanner’s functionality by integrating logging and reporting features for detailed vulnerability assessments
• Optimized the performance and accuracy of the port scanner through efficient multi-threading and concurrency techniques in Python, reducing scan time and increasing reliability. Conducted comprehensive testing and debugging to ensure the tool's robustness and effectiveness in various network environments