Skip to content
View AvonS10's full-sized avatar

Highlights

  • Pro

Block or report AvonS10

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
AvonS10/README.md

Pasin Visuttipinate (Ryo)

Final-year Computer Science student at Mahidol University International College, focused on cybersecurity — security advisory and assurance, backed by hands-on application penetration testing and incident analysis, and the tooling that supports it.

About

  • BSc Computer Science (on track for First Class Honors), with a minor in Business Administration.
  • I work at the point where technical security findings meet business risk, controls, and clear recommendations.
  • Comfortable across both offensive testing and the governance side — ISO/IEC 27001, OWASP, and NIST CSF.
  • I also build secure software end to end — most recently AuditYote, a deployed full-stack GRC platform (below).

Featured

  • AuditYote · live — a full-stack GRC web application that turns the findings-to-controls workflow into software: log security findings, map them to ISO/IEC 27001:2022, OWASP Top 10:2025, and NIST CSF 2.0, move each through a role-gated review and sign-off workflow, score risk and program-wide posture, and export CSV/PDF compliance reports. Spring Boot + React + PostgreSQL, containerized, CI-scanned with Semgrep and Trivy, and deployed over HTTPS.
  • Security Portfolio — penetration-test reports, a malware/incident analysis, and a control-and-risk mapping to ISO 27001:2022, OWASP Top 10:2025, and NIST CSF 2.0. The hands-on analysis that AuditYote turns into a workflow.

Skills

  • Security: Web App Pentesting · Malware Analysis · Risk & Control Mapping · Burp Suite · Nmap · Wireshark · Kali Linux
  • Secure development: Java / Spring Boot · React / TypeScript · PostgreSQL · Spring Security · Docker · CI/CD (GitHub Actions) · Semgrep / Trivy · Python

Connect

Pinned Loading

  1. AvonS10 AvonS10 Public

  2. security-portfolio security-portfolio Public

    1

  3. audityote audityote Public

    AuditYote — full-stack GRC web app: map security findings to controls across ISO 27001 / OWASP Top 10 / NIST CSF, with a role-gated review & sign-off workflow, risk scoring/posture, and CSV/PDF com…

    Java

  4. Ponger Ponger Public

    Forked from K-Planky/Ponger

    Python 1