I am Sudeepa Wanigarathna, also known as CerberusMrXi, a Founder of Serendibware and Yooperlanka, an Ethical Hacker, and a CTF Engineer from Sri Lanka. I focus on cybersecurity, software engineering, and AI-driven innovation, creating projects that combine technology, creativity, and real-world solutions.
I specialize in web and API security, penetration testing, and developing story-driven CTF challenges that simulate real-world vulnerabilities. I enjoy exploring security research, building innovative software solutions, and turning complex technical concepts into practical learning experiences.
As a Software Engineering student, I am passionate about developing impactful products, exploring emerging technologies, and creating systems that solve real-world problems while helping others understand and improve digital security.
π±π° Ethical Hacker and Cybersecurity enthusiast from Sri Lanka
π§© CTF Engineer at HashX β creating realistic, story-driven cybersecurity challenges
π‘ Focused on web security, API security, and security research
π Software Engineering and Cybersecurity undergraduate at NIBM, affiliated with Coventry University and University of Lincoln
π Founder of Serendibware and Yooperlanka, building innovative technology solutions
π― Passionate about offensive security, software development, AI innovation, and sharing knowledge through CTFs
I enjoy turning real-world attack paths into hands-on labs so others can learn how attackers think.
- π Web & API Security β XSS, SSRF, IDOR, auth bugs, misconfigurations
- π CTF Design β web, forensics, crypto, misconfig + privilege escalation chains
- π§° Security Tooling β building custom tools for:
- Bluetooth security research
- XSS automation and WAF bypass testing
- SSRF exploitation & cloud metadata abuse
- Banking & fraud detection simulations
Sometimes a βsimpleβ LFI or upload bug is just the first step. π
These are tools, languages and platforms I explore / use across security, development, data and infrastructure.
Cloud / DevOps / Infra
Web / Frameworks
Databases / Data
Data / ML / Visualization
Security / Tools
Design / Media
"There is always a vulnerability. The question is whether you find it before the attacker does." πΊ








