Lakshitha Prabhath

whoami.

Hey there! I’m a passionate Penetration Tester with over 8 years of experience securing web, network, cloud, and mobile environments. Currently, I lead a VAPT team, where I dive deep into penetration testing, server hardening, configuration reviews, and some other cool stuff. I love automating workflows with Python, Bash, and C++ to make life easier . From running phishing campaigns to securing large-scale infrastructures, I’ve got a knack for finding vulnerabilities before they become problems. Oh, and when I’m not working, you’ll find me hacking away in CTF competitions. I’ve solved 220+ Hack The Box machines and 100+ TryHackMe rooms . I’m all about precision, efficiency, and staying one step ahead in the ever-evolving world of cybersecurity.

Here are some of the things that I'm good at:

Penetration Testing
Incident Response
HackTheBox

Malware Development
Programming
Threat Hunting

Experience

I’ve had the exciting opportunity to contribute to both Red and Blue Team operations, wearing multiple hats as a penetration tester, vulnerability assessor, and incident responder. Whether it’s securing web, network, and cloud environments or collaborating with teams to strengthen an organization’s security posture, I thrive on turning challenges into solutions.

Penetration Tester#Connex IT Vectra

July 2023 - Present

Conducted penetration testing and vulnerability assessments for web applications, APIs, internal networks, cloud environments, and mobile platforms.
Performed server hardening and configuration reviews for firewalls, Windows (DC)/Linux servers, network devices, database servers, web servers, and user endpoints to ensure secure configurations.
Contributed to both Red and Blue Team operations, including threat hunting, incident response, and proactive defense strategies.
Utilized advanced security tools such as Cortex XSIAM/XDR, LogRhythm, Sekoia, Splunk, Trend Micro, Darktrace, and Resecurity for monitoring, detection, and response.
Designed and executed phishing simulations for large corporations using open-source tools (SniperPhish, GoPhish) and commercial platforms.
Conducted cybersecurity training sessions and awareness programs to enhance organizational security knowledge.
Applied expertise in code reviews and secure system configurations to minimize risks and vulnerabilities.

Things that i'm Good at.

Curious about what I bring to the table? Here’s a sneak peek at some of the skills I’ve mastered. Dive in and see what I’m all about!

#01 HackTheBox

Since 2019, I’ve been actively immersed in Hack The Box, where I’ve achieved the Pro Hacker level and successfully pwned over 220 machines. I’m proud to hold the title for the most boxes pwned in Sri Lanka and have consistently ranked among the top 10 players in the country. Beyond the leaderboard, I’ve collaborated with cybersecurity enthusiasts worldwide, sharing knowledge, mastering advanced techniques, and mentoring others to level up their skills.

🔗 Link

#02 TryHackMe

I’ve been an active TryHackMe enthusiast since 2018, reaching Guru Level by conquering over 100 rooms spanning both Red and Blue Team operations. Beyond solving challenges, I’ve engineered custom content like vulnerable Windows and Linux boxes for private CTF competitions hosted on the platform. Whether it’s breaking into systems or building defenses, I thrive on hands on learning and practical challenges that sharpen my offensive and defensive cybersecurity skills.

🔗 Link

Giving Back to The community.

As a non-professional cyber security enthusiast, it's my responsibility to give something back to the community. You can find my Blog where I talk about various topics related to cyber security and CTF writeups and things like that here.

I also have a Discord Server where you can hangout and have a chat with the other community members or with me.

Lakshitha

Prabhath.

Penetration Tester

whoami.

Experience

Things that i'm Good at.

Giving Back to The community.