Tinusha Savidya
I try to find the cracks before the hackers do.
Combines resilient security architecture with automated vulnerability discovery. Focusing on making defense simple and clean.
Security Undergraduate • Security Architecture and Forensics
Security Engineer equipped with technical exposure in multi-host digital forensics and threat detection. Proven ability to preserve data continuity and synthesize findings into formal technical reports with hands-on experience securing SaaS systems and end-to-end VAPT.
Manage enterprise systems and networks. Autonomously design, deploy, monitor, and manage defensive measures.
Incident Handling & Response, Digital Forensics, CoC, SIEM/SOAR, IAM, Cyber Defence, DLP, Digital Key Management, RCA.
Binary Reverse Engineering, Exploitation Techniques, Vulnerability Scanning, Behavioural Analysis, Protocol Dissection.
Cloud & Network Architecture, Database, Network Telemetry, Sandboxing/Containers.
Risk-Based Judgment, Compliance Frameworks, IR Planning, Technical Report Writing.
SecOps: Microsoft Sentinel, Splunk, Elastic Security, Wireshark, Zeek
Forensics & Analysis: Autopsy, IDA, ANY.RUN, KAPE, Cutter, Ghidra, FTK
Infrastructure: Docker, SQL, Bash, Python, PowerShell, YARA
Offensive: Metasploit, BurpSuite, BloodHound
Defensive: CrowdStrike Falcon, Google SecOps, Elastic Security, Suricata, ManageEngine
Full lifecycle forensic investigation into policy violation. Deployed procedures for data collection, retention, and chain of custody. Used Volatility 3, Autopsy, and Plaso for host-based image collection and memory forensics. Reconstructed attack from telemetry and generated Supreme Court-admissible expert witness report.
Predictive Decision Support System in Flutter and FastAPI using smoothing and EOQ. Authored vulnerability assessment report, overhauled system architecture, deployed backups, implemented MFA, and administered application security.
Developed evasive fileless Command & Control Worm in Python simulating APT behavior to successfully hide Windows behavioral and network-layer telemetry.
Bypassed anti-debugging and performed static/dynamic analysis on a zombie worm and botnet using IDA and x64dbg. Deployed T-Pot and Cowrie honeypots for cloud-native IoT monitoring and real-time response to anomalies.
Writing on digital forensics, security architecture, and threat research. For the full collection, visit blog.tinusha.com.
A technical note on regulatory compliance requirements and the design of a cryptographic compliance ledger under the Sri Lankan PDPA framework.
An analysis of the July 2026 security incident at Accenture, investigating threat actor vectors, breach impacts, and architectural remediation steps.
A collection of secure systems, malware reverse engineering, and digital forensics projects.
A metabolic tracker that calculates your precise TDEE. Uses moving averages and regression models to filter out temporary weight fluctuations. Continuously updates calorie and macronutrient targets based on progress to prevent stalls and guarantee predictable results.
Engineered a predictive Decision Support System using Flutter and FastAPI. Applied smoothing and EOQ to maximize capital efficiency, conducted vulnerability assessments, and implemented MFA and backups.
Developed evasive fileless Command & Control Worm in Python simulating behavior of Advanced Persistent Threats. Successfully hid Windows behavioral and network-layer telemetry.
Reach me at hello@tinusha.com and @tinusha
Based in GMT+5:30, Typically responding within 24 hours.