Thanks to visit codestin.com
Credit goes to Github.com

Skip to content
View AazafRitha's full-sized avatar
2 followers · 4 following

Achievements

Achievement: Pull Shark

Achievements

Achievement: Pull Shark

Highlights

  • Pro

Block or report AazafRitha

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
AazafRitha/README.md

Aazaf Ritha

Cybersecurity Enthusiast | Ethical Hacker | Security Researcher

BSc (Hons) in Information Technology – Specializing in Cyber Security
Sri Lanka Institute of Information Technology (SLIIT)
Google Certified Cybersecurity Professional

I am a cybersecurity undergraduate with practical experience in penetration testing, network defense, cryptography, and vulnerability research. I focus on applying defensive controls, conducting ethical offensive testing in isolated labs, and producing high-quality technical reports and reproducible playbooks.

Aazaf Ritha

Technical Expertise

Linux Kali Linux Python Bash Metasploit Wireshark Nmap GitHub

Domain Key Skills
Offensive Security Penetration Testing, Metasploit, Burp Suite, OWASP ZAP, CTFs, OSINT
Defensive Security (SOC) Threat Detection, SIEM, IDS/IPS, pfSense, Wireshark, Incident Response
Cryptography AES, RSA, SHA-256, HMAC, Key Management
Networking TCP/IP, VLANs, DHCP, DNS, Firewalls, VPNs
Programming & Scripting Python (automation & tooling), Bash, JavaScript, SQL
Compliance & Governance ISO/IEC 27001, PDPA, GDPR awareness

Selected Projects

EternalBlue & Shellshock Exploitation Lab

Tools: Metasploit, Windows 7, Metasploitable2
Built an isolated red-team lab and executed controlled PoCs for MS17-010 (EternalBlue) and CVE-2014-6271 (Shellshock). Captured post-exploit evidence and documented remediation.
Repository · Report

Cryptography Algorithms – AES, RSA & SHA-256

Tools: Python, PyCryptodome, hashlib
Implemented and benchmarked AES, RSA and SHA-256 to evaluate confidentiality, integrity and authentication properties; produced performance graphs and secure usage recommendations.
Repository · Report

ISO/IEC 27001 Implementation Toolkit

Focus: ISMS, Risk Register, SoA, Audit Templates
Created a full ISO 27001:2022 implementation toolkit and gap analysis guidance for certification readiness.
Repository

Employee Awareness Portal – Guardians Solution

Stack: MERN, Role-Based Access, Phishing Simulation (controlled)
Delivered an awareness platform with quizzes, learning tracks, phishing simulation campaigns, certificates, and admin analytics.
Repository

Bug Bounty & Vulnerability Research Reports

Documented 10+ web-app assessments aligned to OWASP Top 10 with PoCs and remediation guidance.
Repository

pfSense Firewall & DoS Simulation

Configured pfSense rules, traffic shaping and ran controlled DoS tests to evaluate mitigation techniques.
Repository

Certifications

  • Google Cybersecurity Professional Certificate
  • Cisco Ethical Hacker
  • Cisco Junior Cybersecurity Analyst
  • Linux Administration & Security
  • Cisco: Introduction to Cybersecurity
  • Cisco: Networking Basics

Research Interests

Penetration testing, SOC operations and monitoring, cryptographic systems, threat intelligence, and security automation.

Contact

Email: [email protected]
LinkedIn: https://linkedin.com/in/aazaf-ritha
GitHub: https://github.com/AazafRitha
Medium: https://medium.com/@jamahiraazafritha

Defending the digital world through precision, ethics and technical rigor.

Pinned Loading

  1. Y2S1_Linux_network_administration_project_2024 Y2S1_Linux_network_administration_project_2024 Public

    A Project showcasing Linux system administration tasks including DHCP, DNS, NTP, shell scripting and security practices.

    1

  2. Y2S1_Ransomware_Assignment_2024 Y2S1_Ransomware_Assignment_2024 Public

    A detailed study on ransomware, its evolution, future trends, and mitigation strategies.

    1

  3. Y2S2_bug_bounty_reports_2025 Y2S2_bug_bounty_reports_2025 Public

    A collection of 10 vulnerability assessment reports documenting real-world web security issues (Cryptographic Failures, XSS, Clickjacking, Open Redirect, CORS Misconfigurations, Hash Disclosures, a…

    1

  4. password-security-checker password-security-checker Public

    A real-time password strength and policy enforcement tool.

    JavaScript