Pesandu Rashodya

Software Developer // Based in Sri Lanka

Who I Am

Computer Science Undergraduate & Software Engineer. I specialize in architecting robust systems and building immersive web experiences that push the boundaries of what's possible.

Selected Work

Secure Task Manager

Full-Stack DevSecOps Application
[ 01 ]
  • Developed a secure full-stack task management application using React and Node.js with JWT-based authentication, bcrypt password hashing, and Role-Based Access Control (RBAC).
  • Implemented a DevSecOps CI/CD pipeline using GitHub Actions integrating SAST with SonarQube and dependency vulnerability scanning (npm audit).
  • Integrated automated DAST scanning with OWASP ZAP in the pipeline to identify vulnerabilities such as XSS and CSRF during the build process.
  • Containerized the application using Docker and orchestrated services with Docker Compose to enable consistent and secure development environments.
  • Implemented input validation and sanitization middleware to mitigate injection attacks and improve API security.

Tech Stack

Node.js, React, Docker, SQLite, GitHub Actions

Cloud-Native E-commerce Platform

Full-Stack Application
[ 02 ]
  • Developed a production-ready full-stack e-commerce platform using React and Node.js with JWT-based authentication, bcrypt password hashing, and Role-Based Access Control (RBAC).
  • Implemented a robust DevSecOps CI/CD pipeline using GitHub Actions, integrating SAST with Snyk and automated dependency vulnerability scanning (npm audit).
  • Integrated automated container security scanning with Trivy in the build pipeline to identify vulnerabilities in Docker images and ensure a secure deployment lifecycle.
  • Containerized the application using Docker and orchestrated services with Kubernetes (K8s) and Docker Compose to enable consistent development and high-availability production environments.
  • Automated infrastructure provisioning and application deployment using Ansible playbooks to ensure scalable and idempotent environment setup on AWS EC2.

Tech Stack

Node.js, React, Docker, Kubernetes, Ansible, GitHub Actions
Python, Bash, JavaScript, TypeScript, Java, SQL, React.js, Node.js, Express.js, Spring Boot
AWS (EC2, S3, IAM, VPC, Lambda), Docker, Docker Compose, Kubernetes, Terraform, Ansible, GitHub Actions, CI/CD Pipelines, Infrastructure as Code (IaC)
Nmap, Wireshark, Burp Suite, Nessus, Metasploitable, Wazuh, Splunk, OWASP Top 10, Linux Hardening, TLS/SSL, JWT, OAuth 2.0, Snyk, Trivy
MySQL, PostgreSQL, MongoDB, Firebase Firestore, Git, Linux/Unix, VS Code, IntelliJ IDEA, Postman

Let's Talk

pesandurashodya@gmail.com