Chris Sullo started CIRT.net in the year 2000 as a place to house the default password and port databases. In 2001, he wrote and released Nikto, which quickly became one of the most popular open source web security tools.

He co-founded the Open Security Foundation non-profit for the Open Source Vulnerability Database (OSVDB) and served as the project’s teasurer, board member, developer, and data wrangler. 

He has released multiple ground-breaking security tools besides Nikto, including DAVTest to evaluate WebDAV sites, the first (?) dedicated WordPress and Drupal scanners in CMS-Explorer, pioneered Google Dorks (before it had a name) in Nikto, and wrote what might have been one of the first attack surface management (ASM) products (for internal use only!) at a large bank in the early 2000s.

Chris is also the founder of the RVAsec, a security conference and community located in Richmond, VA.

Chris has worked at various security jobs in banking, R&D, software development, and consulting since the heyday of online services like AOL and Apple’s eWorld.