Hi, I'm Kulindu Kodithuwakku

I am an Offensive Security Professional with deep expertise in web application penetration testing, red teaming, and bug bounty hunting. As a dedicated cybersecurity undergraduate, I’ve delivered dozens of assessments, trained teams, and contributed to securing digital infrastructures across industries.

My passion lies in simulating real-world threats, building CTF challenges, and producing clear remediation-focused reports to help organizations strengthen their defenses.

Location: Malabe, Sri Lanka
Email: kulindukodithuwakku@gmail.com
LinkedIn Kulindu Kodithuwakku LinkedIn

Hire / Contact View Certifications

Experience

Offensive Security Professional - OREL IT

2025 — Present

Conduct comprehensive security assessments, including penetration testing of web applications, networks, and systems.
Identify vulnerabilities and provide actionable remediation guidance to enhance clients’ overall security posture.
Collaborate with clients to implement security best practices and ensure compliance with industry standards.

Lead Penetration Tester - Legion Offensive Security

2024 — Present

Plan, coordinate and lead full-scope red team engagements as well as in-depth web application penetration tests for small and medium-sized enterprises, simulating realistic threat scenarios to uncover critical vulnerabilities.
Deliver clear, actionable remediation reports, run interactive debrief sessions and client workshops to help teams understand risks and implement effective security improvements.

CTF Lead

Freelance

As the Capture The Flag (CTF) Lead at Hackathon Hub – NSBM, I am responsible for organizing and leading cybersecurity training sessions, workshops, and internal CTF competitions to prepare students for national and international events. My role involves mentoring team members in areas such as ethical hacking, vulnerability assessment, and critical problem-solving. I guide participants on how to approach real-world cyber challenges, foster teamwork under pressure, and develop technical strategies to enhance our competitive edge in the cybersecurity arena.

Freelance Cybersecurity Consultant

Freelance

Conduct bug bounty hunts and participate in CTF challenges to discover vulnerabilities and sharpen offensive security skills.
Perform hands-on threat emulation, including web application and network penetration testing for clients on a project basis.
Provide actionable remediation guidance and security recommendations to improve client security posture.

Skills

Web Application Pentesting

Active Directory Pentesting

Network Pentesting

Red Teaming

Bug Bounty

CTF Design & Training

Certifications

Hack The Box - Certified Penetration Testing Specialist

2025

Hack The Box - Certified Bug Bounty Hunter

Sep 2025

Hack The Box - Certified Web Exploitation Specialist

Sep 2025

Try Hack Me - PT1

2025

INE Security - eJPT

2025

Cyber Warfare Labs - Certified Red Team Analyst

Jul 2025

Google - Google Cybersecurity Professional Certificate

2023

Events & Achievements

Runners-up - Cybersprint CTF (NSBM)

2024

Champions - Cypher 2.0 Interuniversity CTF

Dec 2024

2nd Runners-up - Battle of The Multiverese

2024

Runners-up - AlgoXplorer

2024

Champions - CICRA Cybersecurity Summit CTF

2024

2nd Runner Up - Medusa 1.0

2025

Runner Up - CryptX

2025

Champions - HackToNight 2.0

2025

2nd Runner Up - Cybershield 4.0

2025

Education

Bachelor of Information Technology (Major in Cybersecurity) — Victoria University Melbourne
Foundation in IT — NSBM
GCE O/L — Horizon College International

Contact

Email: kulindukodithuwakku@gmail.com
Phone: +94 76 658 5478