Dilanka Kaushal Hewage

Adventures In Security

About Me

About

I received my MSc in Cybersecurity at the IU International University of Applied Sciences in Germany. Previously, I obtained my bachelor's degree from Singhania University. During my postgraduate studies, I was working on reasoning in LLMs for code generation and LLM-related cybersecurity; as a result, I developed a new approach for guiding the generation process. It consisted of a separate deep-think stage with self-reflection and a direct integration of thoughts (hidden states) into the LLM's main generation's hidden states using model surgery! This framework, called LLM Reasoning Framework, is applicable to various LLMs without fine-tuning. As an extension, it has a thought memory manager which controls the memories and thoughts of the LLM (not included in the evaluations), which allows the integration of approaches like Neural Turing Machines or DNC and LLMs.


Research Interests

My research focuses on the intersection of artificial intelligence and cybersecurity, particularly exploring how advanced reasoning capabilities in LLMs can be leveraged for security applications and threat detection.

A major challenge in current AI models is their struggle with generalization, consistent logical reasoning, and decision-making, especially in cybersecurity scenarios that require multi-step inference, vulnerability analysis, or handling previously unseen attack patterns. Current models (i.e., LLMs) can generate highly semantically coherent text, yet often lack the robust reasoning abilities necessary for tasks such as complex threat analysis, security planning, or adapting to novel cyber threats.

Researchers have explored many approaches such as prompt engineering methods (e.g., CoT and self-reflection), which can enhance reasoning abilities to an extent as a temporary and short-term solution; however, they are limited and are not architecturally native to the models. Therefore, my research focuses on developing differentiable approaches for implementing iterative reasoning and decision-making for LLM-powered security systems and autonomous threat detection agents. This involves developing new architectures that can maintain coherent thought processes across multiple inference steps in security-critical contexts.

Currently, I am exploring how advanced reasoning frameworks can improve LLM performance in code generation, vulnerability detection, and automated security analysis. My work involves integrating deep-think stages with self-reflection mechanisms and direct thought integration through model surgery techniques, enabling LLMs to reason more effectively about security problems without requiring extensive fine-tuning.

In a wider context, I am fascinated by the idea of developing intelligent security systems that combine specialized capabilities such as threat memory and rapid learning, goal-driven defense planning, anomaly detection, and error monitoring that operate collaboratively to make informed security decisions within complex environments. I am interested in transformers and attention mechanisms with applications in security contexts: adversarial robustness, multimodal threat detection, and self-supervised learning for zero-day vulnerability discovery.



Research Highlights

  • LLM Security and Reasoning: Developing advanced reasoning frameworks for LLMs in cybersecurity applications
  • Automated Threat Detection: Leveraging deep learning for vulnerability analysis and security code generation
  • Model Surgery and Architecture Innovation: Direct integration of thought processes into LLM hidden states without fine-tuning
  • AI-Powered Security Systems: Building intelligent agents for autonomous threat detection and response



News

  • Completed MSc in Cybersecurity at IU International University of Applied Sciences, Germany - 2024
  • Developed LLM Reasoning Framework for enhanced code generation and security analysis



Awards

  • MSc in Cybersecurity, IU International University of Applied Sciences, Germany
  • Bachelor's degree, Singhania University



Certifications


  • Offensive Security Exploitation Expert (OSEE)
  • Offensive Security Exploit Developer (OSED)
  • Certified Red Team Lead (CRTL)
  • Certified Red Team Operator (CRTO)
  • Offensive Security Experienced Penetration Tester (OSEP)
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Certified Professional (OSCP)
  • Certified Red Team Expert (CRTE)
  • Certified Red Team Professional (CRTP)
  • Certified Penetration Testing Specialist (CPTS)
  • Certified Azure Penetration Tester (CAPE)



Training & Professional Development


2024


  • HackerOps - Antisyphon Training (Ralph May)
  • Enterprise Attacker Emulation and C2 Implant Development - Antisyphon Training (Joff Thyer)
  • Active Defense & Cyber Deception - Antisyphon Training (John Strand)
  • Attack Emulation Tools: Atomic Red Team, CALDERA and More - Antisyphon Training (Carrie Roberts)
  • Advanced Offensive Tooling - Antisyphon Training (Chris Traynor)
  • Modern Initial Access and Evasion Tactics (mgeeky)
  • Offensive Coding (Mr.Un1k0d3r)


2023


  • SANS SEC565 - Red Team Operations and Adversary Emulation
  • Advanced Red Team Operations - White Knight Labs
  • Red Team & Operational Security - Dark Vortex (Chetan Nayak)
  • Offensive Tool Development - Dark Vortex (Chetan Nayak)
  • Malware On Steroids - Dark Vortex (Chetan Nayak)
  • Red Team Operator: Malware Development Advanced - Sektor7
  • Adversary Simulation and Red Team Tactics - MDSec


2022


  • Red Team Lead (CRTO2) - Zero-Point Security
  • Windows Internals (Pavel Yosifovich)
  • Advanced Windows Exploitation - OffSec
  • Malware Development Intermediate - Sektor7
  • Red Team Training (Mr.Un1k0d3r)
  • Attacking and Defending Active Directory: Advanced Edition Bootcamp - Pentester Academy (Nikhil Mittal)


2021


  • Windows User Mode Exploit Development - OffSec
  • Red Team Operator (CRTO) - Zero-Point Security
  • Creative Red Teaming - Mandiant


2019-2020


  • SANS SEC760 - Advanced Exploit Development for Penetration Testing
  • SANS SEC660 - Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
  • SANS SEC560 - Enterprise Penetration Testing


2018


  • Advanced Software Exploitation - Ptrace Security
  • Vulnerability Discovery and Triage Automation - OffensiveCon


2015-2016


  • Reverse Engineering with IDA Pro - BlackHat EU
  • Adversary Simulation and Red Team Tactics - MDSec
  • Att&cking the Enterprise: A Purple Team's Approach to Protecting Your Environment - BlackHat



Education

IU International University of Applied Sciences

MSc. Cybersecurity

2023 - 2024

Leading German university specializing in applied sciences and cybersecurity education

Specialized in AI Security, LLM Reasoning, and Advanced Threat Detection Systems

Key Projects and Achievements:

  • LLM Reasoning Framework: Developed novel architecture integrating deep-think stages with self-reflection and direct thought integration into LLM hidden states using model surgery techniques (GitHub)
  • Implemented thought memory manager for LLM reasoning systems, enabling integration with Neural Turing Machines and Differentiable Neural Computers
  • Security-focused Code Generation: Built LLM-powered system for automated secure code generation and vulnerability detection
  • Adversarial AI Research: Explored robustness techniques for LLMs against prompt injection and adversarial attacks
  • Red Team Automation: Developed AI-assisted tools for penetration testing and security assessment workflows
  • Malware Analysis: Applied machine learning techniques for behavioral analysis and threat classification

Singhania University

Bachelor's Degree in Computer Science

2014 - 2018

Comprehensive foundation in computer science, software engineering, and information security

Built strong foundation in programming, algorithms, and security fundamentals that enabled transition into advanced cybersecurity research

Key Areas and Projects:

  • Software Development: Proficient in Python, C/C++, Java, and web technologies for building security tools
  • Network Security: Deep dive into TCP/IP, network protocols, firewalls, and intrusion detection systems
  • Cryptography: Implementation of various encryption algorithms and security protocols
  • Web Application Security: OWASP Top 10, SQL injection, XSS, CSRF, and secure coding practices
  • System Administration: Linux/Windows server hardening, security configuration, and log analysis
  • Database Security: Secure database design, access control, and data protection techniques
  • Capstone Project: Security assessment framework combining static and dynamic analysis for vulnerability detection
  • Open Source Contributions: Active contributor to cybersecurity tools and security-focused projects (GitHub Profile)

Experience

Dubai Health Authority

Senior Application Security Engineer

May 2022 - Present

Leading healthcare cybersecurity initiatives in Dubai, UAE

  • Conducting penetration testing engagements on internal systems, addressing vulnerabilities with stakeholders, and recommending remediation measures
  • Performing red team exercises to simulate real-world attacks, enhancing defensive capabilities and improving incident response
  • Conducting comprehensive security testing across network, cloud, web application, API environments, IoT, and biomedical devices
  • Performing SAST and DAST security testing using AppScan, Checkmarx, and Burp Suite Pro to identify vulnerabilities
  • Handling Imperva DAM (Database Activity Monitoring) to monitor database activities, alerts, and incidents
  • Performing regular Nessus vulnerability assessments, providing weekly internal reports and monthly reports to DESC
  • Utilizing malware analysis techniques including reverse engineering and sandboxing to examine potential threats
  • Blocking IOCs at TIE (Trellix Threat Intelligence Exchange) to prevent malware propagation
  • Ensuring compliance with security standards (Dubai DESC, OWASP, ISO 27001, GDPR)
  • Leading incident management efforts during security breaches and coordinating remediation

AIX Investment Group - Burj Khalifa

Red Team/Offensive Security Engineer

Jan 2019 - Apr 2022

Securing blockchain infrastructure and cryptocurrency trading platforms in Dubai

  • Conducted penetration testing on blockchain infrastructure and cryptocurrency trading platforms
  • Performed red team exercises to simulate real-world attacks on blockchain-based systems
  • Facilitated purple team activities using SCYTHE, Atomic Red Team, CALDERA to enhance security resilience
  • Conducted DAST and SAST security assessments using HCL AppScan, Fortify, Checkmarx, and Burp Suite Pro
  • Collaborated with stakeholders to implement security controls for secure cryptocurrency storage and transmission
  • Utilized malware analysis techniques to analyze threats to blockchain-based systems
  • Created comprehensive written reports detailing assessment findings and security recommendations
  • Provided clear oral briefings to leadership on assessment results and security improvements

Department of Defense

Red Team/Offensive Security Engineer

Jan 2015 - Dec 2018

Nation-state level red team operations in Colombo, Sri Lanka

  • Started as trainee red team operator, progressing to seasoned Red Team Operator through continuous training
  • Received advanced training from premier organizations including MDSec and BlackHat
  • Conducted red team exercises simulating APT group TTPs to identify and exploit vulnerabilities
  • Participated in joint exercises with government agencies, military branches, and international partners
  • Provided expert testimony to senior leadership on red team exercises and penetration testing results
  • Conducted thorough after-action reviews with actionable recommendations to improve security posture
  • Participated in developing training materials, procedures, and TTPs for red team operations
  • Conducted post-exercise debriefs to identify lessons learned and enhance red team effectiveness

Open Source Community

Security Researcher & Open-Source Developer

2019 - Present

Contributing to cybersecurity and AI security research

  • Developed LLM Reasoning Framework for enhanced code generation and security analysis
  • Created security tools and frameworks for offensive security operations
  • Contributing to open-source penetration testing and red team tooling
  • Research on AI security, adversarial robustness, and LLM vulnerabilities
  • Sharing knowledge through technical writeups and tool releases
  • Collaborating with security researchers on emerging threat research