Skip to content
← home
Casey Ellis

Casey Ellis

Hacker, founder, advisor, and pioneer of crowdsourced security. Founder of Bugcrowd, co-founder of disclose.io, principal of Tall Poppy Group. Board member at SRLDF.

Security

WTF is happening on tcp:0? 2020 edition — Update 1

tl;dr: 0.06% of the publicly-addressable IPv4 space is listening to and responding on TCP Port 0. Why? idk…

03 Aug 2020 · 1 min read
Security

WTF is going on with TCP:0?

tl;dr: 0.06% of the publicly-addressable IPv4 space is listening to and responding on TCP Port 0. Why? idk... Note: Never interact

30 Jul 2020 · 3 min read
Building

WTF is happening on tcp:0? 2020 edition

tl;dr: 0.06% of the publicly-addressable IPv4 space is listening to and responding on TCP Port 0. Why? idk…

29 Jul 2020 · 3 min read
Security

A few good cybersecurity companies

I spend a lot of time looking at cybersecurity solutions and companies, partly on request, and partly because it always fascinates me to see people are attempting to solve big problems.

17 Jul 2020 · 4 min read
Personal

On not being not-racist

An active problem needs an active opposing response, a passive response will always allow the aggressor to succeed in the end.

08 Jun 2020 · 2 min read
Building

First principles

Simple is strong. Respect is key. Build it like you own it. Don’t be valuable, create value. Think like a hacker. 360-degree accountability.

26 May 2020 · 1 min read
Security

Priority One: Insights into Submission and Payment Trends

2020: Chaos is a Ladder As 2020 comes to a close, I’ve started to see summaries of the year pop up, covering lessons

16 May 2020 · 3 min read
Security

To err is human — Kerckhoffs' Principle in Software Transparency

Shannon and Kerckhoff were pioneers of disclosure thinking — They understood the concept of “build it like it’s broken”. This was especially true in WWII cryptography, but it’s becoming increasingly clear in its relevance to the 'peacetime' software that we use today.

08 Apr 2020 · 2 min read
Security

Hacking styles

Broadly, there are two things that come into play when it comes to the style a person applies to hacking: The level of experience, and the overall wiring of the hacker.

29 Mar 2020 · 1 min read
Security

A message to folks providing "free testing" at the moment

TLDR: If you’re performing any active, unsanctioned testing on healthcare systems: Please stop it. Don’t make their job any harder than it is right now.

28 Mar 2020 · 1 min read
Security

COVID-19/Coronavirus — What are the bad guys up to?

As expected, the covid19 pandemic has out brought some of the Internet’s worst. I’ve been working with several groups to information share and fight back on this stuff, including the COVID-19 CTI Group.

28 Mar 2020 · 2 min read
Security

Changes

You know that awkward thing at the moment when you see someone and go to shake their hand or hug them, then pull away…

23 Mar 2020 · 1 min read