50+
Vulnerabilities found across company IAM/IAG systems
Portfolio
Follow
AATHILDUCKY
Introduction
Building secure experiences with a sharp, modern edge.
Passionate about ethical hacking, secure coding, CTF challenges, and building tools that detect and prevent real-world threats. Focused on Python automation, web security, and practical defense with hands-on CTF writeups.
Focus
Web security, recon, and vulnerability research.
Tooling
Python, JavaScript, automation, and OSINT workflows.
Goal
Ship secure systems and share practical best practices through CTF writeups and security research.
Snapshot
Cybersecurity
Student builder working on secure coding, detection, and practical defense.
Security terminal (ASCII animation)
// about
From curious tinkerer to security engineer
My path into tech started the evening of my last A/L exam in 2020, when I decided to enter IT. What followed was years of relentless self-learning — web development, Python, data science, design, and AI — until I found the field that truly stuck: security.
I'm a builder who got into breaking. I explored a lot of disciplines, and what once felt like a lack of focus turned into my biggest advantage: I understand systems from both the developer's and the attacker's side. Every detour eventually led me back to security — so I lean into being versatile while going deep where it matters most.
Today I'm a Security Engineer at Welford Systems. I secure backend endpoints and still ship full-stack products and automation tools on the side.
Self-taught
Security-first
Full-stack
Versatile
Always learning
Problem solver
// highlights
By the numbers
2 mo
From intern to permanent Security Engineer at Welford Systems
Rank 41
District rank, G.C.E. A/L (Physical Science stream)
Full
Scholarship — BSc Computer Science, Eastern University
3K+
YouTube subscribers across tech & security content
5+ yrs
Hands-on across development & security since 2020
// journey
Experience timeline
A focused path across freelancing, full-stack product work, and cybersecurity operations.
Freelancing
Part-time independent work
Taking on part-time freelance projects since 2022, building websites, custom features, and practical digital solutions for real client needs.
Web Development
SEO
UI/UX
Responsive Design
REST APIs
API Integration
Database Design
MySQL
MongoDB
JavaScript
TypeScript
Python
Django
FastAPI
Flask
WordPress
Node.js
Next.js
React.js
PHP
Figma
Deployment
Technical Support
Full-Stack Developer
CBS Solution (Pvt) Ltd
Worked across frontend and backend delivery, shipping web applications, business tools, and production-ready features with a strong focus on reliability and usability.
Web Development
SEO
UI/UX
Responsive Design
REST APIs
API Integration
Database Design
MySQL
MongoDB
JavaScript
TypeScript
Python
Django
FastAPI
Flask
WordPress
Node.js
Next.js
React.js
PHP
Git
Testing
Debugging
Deployment
Security Engineer
Welford Systems
Joined as an intern and was promoted to a permanent role within two months. I focus on backend endpoint security, have identified 50+ vulnerabilities across our IAM/IAG systems, and deploy and manage the company website on Linux infrastructure.
GRC
IAM
IAG
Vulnerability Assessment
Web App Pentesting
Security Auditing
Risk Assessment
Compliance
Burp Suite
Metasploit
Linux
Networking
Python Scripting
Bash Scripting
System Administration
SIEM
Incident Response
Log Analysis
Hardening
Azure Cloud
AWS
OSINT
Threat Analysis
Reconnaissance
// education
Education
A scholarship-backed Computer Science degree, anchored by a security-focused final-year research project.
BSc (Hons) in Computer Science
Eastern University, Sri Lanka
Admitted on a full scholarship based on A/L results. Final-year research project: "Sensitive Information Finder in Client-Side Code" — a security tool that scans client-side code to detect exposed secrets, credentials, and sensitive data.
Computer Science
Application Security
Static Analysis
Research
Python
G.C.E. Advanced Level — Physical Science
Combined Mathematics (B), Physics (B), Chemistry (B). The evening of my final A/L exam in 2020 is when I committed to a career in IT — and never stopped learning since.
Mathematics
Physics
Chemistry
Problem Solving
// services
What I can build for you
Available for security engineering roles, freelance security assessments, and full-stack & automation projects.
Security Assessments
Web application penetration testing, vulnerability assessments, IAM/IAG review, and secure code review with clear, prioritized remediation.
Full-Stack Web Apps
Production-ready apps with Django, FastAPI, Flask, Node.js, React/Next.js, and WordPress — built secure by default and responsive across devices.
Business Systems
Booking systems, POS systems, job portals, and custom internal tools designed around real client workflows and day-to-day operations.
Automation & Tooling
Python scripts, OSINT workflows, Linux deployments, and AI-assisted tools tailored to your exact use case to remove repetitive manual work.
Selected Work
Popular repositories
Loading repositories...
Portfolio
Projects
Loading projects...
Activity
Contributions
Less
More
Blog & Writeups
Latest writeups
Loading writeups...
// contact
Let's build something secure.
Open to security engineering roles, freelance security assessments, and full-stack or automation projects. The fastest way to reach me is through the channels below.
Where I train & practice
TryHackMe
Hack The Box
HackerOne
LeetCode
HackerRank
Repositories
Loading repositories...
Projects
Loading projects...
Packages
View repoLoading packages...
Stars
Starred listLoading stars...
Writeups
ctflogs.comLoading writeups...