01
Verified
~/perera$whoami
[ Sri Lanka · Remote ] — Available for select engagements
LakshithaPerera.
>
Offensive security research and resilient software engineering — I break systems to understand them, then build the ones that hold.
Founder // VulnHat21
ID — 0x4C50SUBJECT / VERIFIED
Focus
Offensive Sec
CVEs
Published
WSO2
Hall of Fame
Status
Active
01Profile
Breaker and builder, in equal measure.
I'm a 21-year-old cybersecurity engineer and software developer who lives at the seam between breaking systems and building them. My focus is offensive security research — finding the flaws that matter before adversaries do — backed by the engineering discipline to architect and ship resilient software.
I move fluently across the stack: red-team operations, network security, cloud architecture, and full-cycle product development. The result is security work grounded in how systems are actually built, and software built with an attacker's intuition baked in.
constage=21;// years
Education~/edu
BSc (Hons) Computer Science
Specialized in Networking & Network Security
Kingston University (UK)
Diploma in Advanced Software Development
Full-cycle software engineering
Professional Diploma
02Credentials
Certified across offense, defense & architecture.
A stack of industry certifications spanning red-team operations, network engineering, defensive security and multi-cloud architecture.
02
Verified
03
Verified
04
Verified
05
Verified
06
Verified
07
Verified
08
Verified
09
Verified
10
Verified
11
Verified
12
Verified
12 active credentials// continually expanding
03Flagship Research
Vulnerabilities found. Disclosed responsibly.
Original security research with real-world impact — from unauthenticated remote code execution to enterprise identity platform flaws.
CRITICAL01 / 02
Unauthenticated Remote Code Execution
target:Drupal v4.0
Discovered and responsibly disclosed an unauthenticated RCE chain allowing arbitrary code execution against affected Drupal v4.0 deployments — no credentials, full server compromise.
- Unauthenticated
- Remote Code Execution
- Responsible Disclosure
RECOGNIZED02 / 02
WSO2 Identity Server Vulnerabilities
target:WSO2 Identity Server
Identified multiple security vulnerabilities in the WSO2 Identity Server. Recognized in the official WSO2 Hall of Fame for coordinated, responsible disclosure.
- Identity & Access
- Coordinated Disclosure
- Hall of Fame
04Researcher Status
Active across the major bounty platforms.
Continuously hunting in the wild — from web applications to Web3 smart contracts.
05Trajectory
Leading from the front line.
Building security companies and architecting secure infrastructure.
Founder & Managing Director
01 — presentVulnHat (Pvt) Ltd
Founded and lead an offensive security company delivering penetration testing, red-team operations, and continuous security research.
- Leadership
- Offensive Security
- Red Team
Solution Architect
02 — presentTechzaz Networks (Pvt) Ltd
Architect secure, scalable cloud and network solutions — bridging infrastructure design with defensive security requirements.
- Cloud Architecture
- Network Security
- Systems Design
06Selected Work
Things I've built and shipped.
Live products spanning offensive security platforms, networking, and full-cycle delivery.
[ 07 ] — Contact
Let's secure
something together.
Open to security engagements, research collaboration, and select consulting. Reach out and I'll respond.
$echo "awaiting your message"