Chris Sullo is a veteran penetration tester and security engineer with 13+ years of professional experience and a decades-long footprint in open source security tooling. He authored Nikto, one of the earliest and most enduring web server scanners in use for 20+ years, and later led innovation at ProjectDiscovery improving the widely-used nuclei vulnerability scanner. Chris blends hands-on offensive testing and tool development—building in-house testing software, Burp extensions, and automation for large-scale attack surface management—with leadership roles from Capital One to Black Hills Information Security. He founded RVAsec and the Open Security Foundation, creating community-driven vulnerability resources and a regional security conference that draws hundreds. Equally comfortable in low-level exploit discovery and strategic R&D, he has a knack for turning community collaboration into practical tooling and repeatable testing workflows. Based in Glen Allen, Virginia, he pairs an English degree with a talent for clear documentation and communication across technical and executive audiences.
13 years of coding experience
16 years of employment as a software developer
Bachelor's degree English Language and Literature General, Bachelor's degree English Language and Literature General at Southern Connecticut State University
Contributions:2 reviews, 918 commits, 253 PRs in 10 years 3 months
Contributions summary:Chris primarily contributed to the project by making modifications and additions to the core functionality of the web server scanner. Their changes involved adding documentation, updating the main program, and modifying various plugins. These changes suggest a focus on improving the overall utility, features, and documentation of the scanning tool.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Role in this project:
Security Engineer
Contributions:2 reviews, 6 commits, 9 PRs in 11 months
Contributions summary:Chris primarily contributes to security-related aspects of the `nuclei` vulnerability scanner. Their work involves refining the scanner's behavior by modifying the handling of HTTP requests and headers, ensuring compatibility with various configurations. The user also enhances the scanner's ability to identify vulnerabilities by contributing to a curated list of known problematic sites. These contributions improved the accuracy and efficacy of vulnerability detection.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.