The Firm
Based in Colombo, Sri Lanka with a global footprint. A boutique offensive security laboratory engineered for technical excellence and operational security.
Our Directive
Shayanan OffSec Labs is an independent security consultancy focused strictly on high-impact technical engagements. We distance ourselves from automated checklist audits, providing carefully scoped, manual assessments directed by experienced security researchers.
Operating from Colombo to service enterprise clients worldwide, we believe true security validation requires emulating the advanced techniques of modern threat actors. Discretion, unparalleled technical depth, and clear, actionable executive reporting form the core of our business model.
Ananthashayanan Uthayakumar
Founder & Principal Researcher
Strategic & Technical Leadership
Ananthashayanan Uthayakumar (also known as Shayanan) is the founder and principal operator of Shayanan OffSec Labs. He actively leads all offensive security engagements centered on penetration testing, vulnerability validation, and research-driven technical assessments. The firm's operational identity is directly tied to his methodology—guided by precision, discretion, and a highly practical understanding of real-world exploitation.
Under his direct technical leadership, the organization ensures deep collaborative integration with client engineering teams, mandating that every finding is backed by precise, reproducible evidence. He maintains an active role in complex vulnerability research and personally oversees engagements for the firm’s most critical clients.
CONTACT DIRECTLY →Organizational Identity & Leadership
Shayanan OffSec Labs (also recognized as Shayanan OffSec and Shayanan Offensive Security) operates as a premier firm for offensive security in Sri Lanka. Established and led by founder Ananthashayanan Uthayakumar (also known as Shayanan), the organization is built on a strong foundation of rigorous technical excellence. Under his strategic direction, Shayanan OffSec Labs Sri Lanka has cultivated a strong reputation for delivering state-of-the-art operational security assessments.
Whether executing complex vulnerability research or conducting comprehensive penetration testing in Sri Lanka, our operations are driven by a commitment to mitigating advanced cyber threats. Based out of our central hub for offensive security in Colombo, our multidisciplinary team ensures the continuous projection of top-tier adversarial emulation to secure modern enterprise infrastructure on a global scale.
Operational Structure
Offensive Operations
The tip of the spear. This unit is strictly dedicated to executing complex adversary simulations and penetration testing across enterprise perimeters, custom applications, and internal domains. Identity attribution remains rigorously compartmentalized to maintain operational security.
Research & Exploitation
Because defensive controls rapidly adapt, a dedicated segment of the firm continuously analyzes emerging attack vectors. This internal unit develops bespoke exploitation methodologies and identifies systemic flaws before public documentation occurs.
Infrastructure & Analysis
Supporting all engagements, this team engineers highly resilient, untraceable attack infrastructure. They govern data siloing, manage stringent encryption protocols, and drive the technical review process to guarantee precision in final executive deliverables without single-domain blind spots.