Justin Massey

Justin Massey

Penetration Tester

Contact Me

About Me

Hello - I'm Justin Massey, a Security engineer who constantly tries to find the medium ground in between Security and Usability. Easier said than done. Currently, I am employed at Ionic Security as a Penetration Tester and I work in between the application security department and engineering team to ensure our customers are delivered a secure platform and secure products.

When I'm not hacking, I am researching, when I'm not researching, I'm probably traveling, running, sky diving, or at a pub with some friends. No time for sleep. I have a passion for giving back to the community which has given so much to me. I am actively looking for a way to get involved with STEM education for the under privileged whether that may be in our local community or abroad. If you have a great organization you run, are a part of, or just know someone involved in one, please let me know!

Blog Posts


Automated Security for Web Applications Open Source

I built this project to introduce application security departments and penetration testers to pytest, a python testing framework. This project contains some sample pytest scripts to run against a Mutillidae 1 web server, an intentionally vulnerable web application for learning the OWASP top 10. You can use these scripts to become familiar with the pytest framework and help you visualize some different ways to test for vulnerabilities which you may have found in your application in the past and ensure they aren't reintroduced into the code base.

Work Experience

Penetration Tester - Ionic Security (2015 - Current)

Junior Penetration Tester - Coalfire Labs (2014 - 2015)

As a junior penetration tester, I was required to conduct 1-2 week internal/external network, web application and physical penetration tests.

Technical Operations Manager - Atlanta Network and Computer Help (2010 - 2014)

At Atlanta Networking and Computer Help (ANCH), I began as a Helpdesk Administrator, moved to a Systems Administrator and was eventually given the opportunity to manage the technical operations of the Managed Service Provider.