Hi, I'm Elliot 👋
I'm a security engineer and researcher from Toronto, Canada.
I enjoy building open source, security-oriented projects that help people accomplish their objectives & push what we can do with our technology further. Also of great interest to me is finding and exploiting novel software bugs especially as it pertains to low-level systems programming.
My open source software (OSS) has been used by thousands of people & I regularly share engaging educational content in the form of articles and tweets. Interacting with people and answering any questions they may have on the content I've shared is something you will often find me doing. I'm always trying to learn more to improve my skills and love imparting as much of that as I can though my work. See my CVEs and HackerOne for software I've had an impact in securing by discovering vulnerabilities.
I delight in open sourcing all the things (I have a whole back catalog of previously created tools and small projects I've been meaning to open source) and documenting my creations thoroughly so others can learn from it. Prior to specializing in security, I was (and still am) an avid programmer.
Currently working as an Application Security Consultant for the Royal Bank of Canada (RBC); Canada's largest bank. At RBC, I'm the second member of a new initiative assessing their vast dependencies on open source software to ensure libraries are sufficiently patched and maintain overall supply chain security. Analyzing code produced by RBC developers globally to catch security bugs before they reach production and working with development teams to understand these issues are part of my responsibilities.
I'm also an Associate of (ISC)² having passed the Certified Information Systems Security Professional (CISSP) exam.
I intend to start posting new content on my blog/X/YouTube/Twitch more than once per week!
I'm currently working on multiple current and future open source projects as well as conducting independent research in the field of binary exploitation. Some of my upcoming projects will be more red team oriented (shifting away from my almost exclusive focus on blue team work so far). Smart contract and blockchain application security auditing is an area I'm familiarizing myself with right now.
The fastest way you can get in touch with me is through my X/Twitter DMs. For professional inquiries (e.g. a partnership, sponsorship, paid mentorship or referral for a position), you can email me at . For confidential communications (e.g. a security finding), you can contact me at @ElliotKillick on Wire.
If there's something in particular that you want to see or want me to look into, feel free to let me know. Currently, I have over 50 pieces of content planned (30+ of those being articles) but I'll see what I can do.
If I don't respond, I don't hate you I'm just busy. I unfortunately cannot commit to providing private one-on-one support at no cost (you would probably best be served by creating a GitHub issue or asking on the Qubes OS Forum). Please no spam and no I won't hack someone for you.