About Justin

Cybersecurity is a top-of-mind concern for organizations across the globe. Year after year, security incidents become more prevalent, security risks more numerous, and adversaries more dedicated.

Data and technology have become critical components for organizations of all sizes, markets, and geography. Yet, with these increased digital optimizations, organizations face more significant risks than ever. These challenges are further complicated by ever-changing compliance landscapes, from regulatory and contractual to cyber insurance requirements.

However, far too often, cybersecurity conversations fail to encompass the most crucial justification for security initiatives. For most organizations, security does not directly contribute to the bottom line. Instead, cybersecurity should be a fundamental element to protect the investments already made in people, processes, and technologies.

Equally important, security is not a technical problem; it's a Risk Management Process. Therefore, a robust cybersecurity posture includes a comprehensive and holistic approach starting with a strategic foundation. From that foundation, security layers are built to protect an organization's most valuable asset: data.

Justin has dedicated his career to helping organizations navigate the complexities of data, technologies, and information security. His experience spans from start-ups to Fortune 100 companies, non-profits to government entities, and across verticals. Justin has worked with a wide range of technologies, from the network to the cloud, from the application to the data.

Justin's passion extends beyond technology, focusing on assisting organizations with securing their future.

Contact Details

Justin M. Wray
185 Jonathan Way North
York, PA 17356
(717) 916-5066


YAIDS is a Multi-Threaded Intrusion Detection System using Yara. YAIDS supports all valid Yara rules (including modules) and any PCAP-compatible data stream (Network, USB, Bluetooth, etc.).
View Project


ChatCTF is an interactive AI Chatbot designed to assist users with solving or creating capture-the-flag (CTF) challenges. However, devised as an Offensive and Defense Cybersecurity expert, ChatCTF additionally provides a new method for obtaining cybersecurity-related advice and assistance. ChatCTF is built upon OpenAI ChatGPT (GPTs), thus providing a familiar interface and interaction for users.
View Project


TeamSploit makes group-based penetration testing fun and easy, providing real-time collaboration and automation. TeamSploit is a suite of tools for the Metasploit Framework. TeamSploit should work with any MSF product (including Community/OpenSource, Express, or Pro).
View Project


Defensive Tools For The Blind (DTFTB) is a collection of Windows and Linux tools that automate: post-exploitation, backdoor, and rouge access discovery, for defenders. DTFTB allows a system defender to quickly and precisely locate common backdoor tendencies and system misconfigurations used by attackers to maintain access.
View Project


Unsploitable is an emergency patcher, providing critical security patches and updates for commonly exploited vulnerabilities in common operating systems, services, and applications.
View Project

NetProfiler Suite

Automatically profile your network, building a packet filter of common known-good traffic. Useful for IDS filtering and network monitoring.
View Project


An automated Phishing Simulation and Assessment deployment platform that combines numerous phishing platforms and capabilities (such as GoPhish, Evilginx, etc.). Provides the ability to send phishing emails, harvest credentials and tokens, and deliver customized per-user payloads, all while providing robust reporting metrics.

sCOREcard (Core BTS)

An interactive web application for security engagement reporting platform. Allows for tracking, trending, sorting, and searching complex security data across initiative types (from technical assessments to physical security and social engineering to compliance reporting).

Facebook CTF Platform (FBCTF)

The Facebook CTF is a platform to host Jeopardy and King of the Hill style Capture the Flag competitions. Owned by Facebook and used both internally and for numerous public-facing Capture The Flag events.
View Project

Cyber Exercise Engine (WraySec)

A comprehensive cyber exercise, training, and competition platform. Providing real-time event scoring, interactive range and scenario development, and a fully web-based experience for participants. Scoring includes service-based, task-based, and question-based, all available in mix-modes and individually or team-based.

ThreatSpace (FireEye)

A cyber exercise/competition platform and range for network attack, defense training, and simulation. Providing round-based service scoring or question-based scoring for team-based events.

Next Generation IDS (ICF)

A next-generation intrusion detection engine with a focus on speed, efficiency, advanced pattern matching, parallel processing, modularity, and expandability. Based on Regular Expressions, the IDS provides the means to write rules for malicious indicators and anomalous traffic in a singular mode.

Cyber Warfare Games

Develop and Deliver Capture the Flag (CTF), Red verse Blue (RvB), and King of the Hill (KotH), cyber warfare events. Interested in participating or hosting a game? Contact me.


A zero-trust SDWAN solution, providing mesh networking through a software-defined wide area network. tinc-sdwan extends the tinc VPN client to provide zero-config SDWAN capabilities, allowing clients to communicate natively regardless of physical network location (remotely) or network filtering.


metashell is a lightweight, heavy punch, interactive, intelligent command-line shell. The amazing difference with metashell lies in its ability to determine a file's datatype and automatically run your desired applications.
View Project


twitter2rss will obtain all friends of a specified Twitter account and then create an OPML feed list. The feed list will contain all of the obtained friend's Twitter RSS feeds, which can then be imported into any standard feed reader.
View Project


SpeedRead is a featureful web-based, gamified, sight word learning program. SpeedRead is based on the "Dolch" Sight Word list and provides default words based on the target education level.
View Project


Core BTS

Director; Security Advisory Services February 2019 - Present

Provide leadership of the Security Advisory Services division of a business technology consulting organization. Lead innovation, strategy, and vision for internally delivered offerings and engage in sales and marketing. Focused on security advisory, guidance, consultation, governance, compliance, risk management, assessments, and incident response. Provide oversight and direction for external client engagements as well as internal security programs.


Founder & Chief Executive Officer September 2015 - February 2019

Founded and managed a start-up focused on high-fidelity cyber training and security consulting. Managed day-to-day operations and client engagements for various services, including security assessments and application development. Led internal development efforts for proprietary security solutions, focused on cyber range design, deployment, and management, as well as a cyber exercise platform.

ICF International

Technical Specialist; Cloud & Offensive Security February 2016 - September 2017

Managed classified research projects for a confidential military organization (U.S.) in the areas of cloud security and offensive cyber warfare. Managed project teams of researchers and developers on both mission-oriented and fundamental research projects. Developed security tools, mechanisms, and capabilities for both offensive and defense cyber operations.

Axxum Technologies

Manager; Penetration Testing May 2015 – February 2016

Managed an internal Red Team for a confidential federal government (U.S.) organization. Lead penetration testing and vulnerability management programs. Developed security programs, policies, procedures, and documentation. Collaborated with executive leadership on security posture improvements and coordinated with IT teams to facilitate risk remediation. Designed, coordinated, and delivered security-related training across the organization.

iSight Partners

Engagement Lead & Researcher; Cyber Exercises October 2012 - May 2015

Designed, managed, and delivered large-scale cyber exercises for public and private training and competitive events. Leveraged threat intelligence and research to architect realistic scenarios for cyber warfare operators and industry professionals. Integrated real-world technologies and client configurations into cyber ranges for high-fidelity simulated events and training.


  • Leadership
  • Strategy & Vision
  • Team Management
  • Project Management
  • Hiring & Training
  • Client Engagement
  • Sales & Marketing
  • Finance, Budgets, and Accounting
  • Security Advisory (Guidance and Consultation)
  • Technical Assessments
  • Red Team Engagements
  • Penetration Testing
  • Social Engineering Engagements
  • Physical Security Assessments
  • Cloud Security Assessments
  • Vulnerability Management
  • Governance, Risk, and Compliance
  • Policy and Procedure Evaluation
  • Policy and Procedure Development
  • Strategy Development
  • Compliance Audits and Assessments
  • Incident Response
  • Planning and Readiness
  • Emergency Response
  • Incident Investigation
  • Incident Recovery and Remediation
  • Training and Exercises
  • Application Security
  • Secure Coding
  • Dynamic Application Security Assessments (DAST)
  • Static Application Security Assessments (SAST)
  • Web Application Assessments
  • Mobile Application Assessments
  • Development Security Operations (DevSecOps)
  • Cloud Security
  • Amazon Web Services (AWS)
  • Microsoft Azure
  • Google Workspaces and Cloud
  • OpenStack
  • Containerization, Virtualization
  • Cloud Security Operations (CloudSecOps)
  • Security Solutions
  • Intrusion Detection/Prevention
  • Firewall and Network Access Control
  • Anti-Malware and Endpoint Detection and Response
  • Monitoring and Logging
  • Application Development
  • HTML, CSS, and JavaScript
  • PHP
  • C/C++
  • Perl
  • Python
  • Ruby
  • Go, Rust, WASM
  • Source Code Versioning (SVN, GIT, etc.)
  • Package Development (DEB, RPM, etc.)
  • Continuous Integration / Delivery (CI/CD, DEVOPS)
  • Additional Technologies
  • MySQL, PostgreSQL, and SQLite
  • Bootstrap and jQuery
  • Linux Administration
  • Windows Administration
  • Apple macOS Administration
  • Hypervisor Administration (VMWare, VirtualBox, QEMU, KVM, etc.)
  • Containerization (Docker, Kubernetes, LXC)
  • Security Tools
  • Kali Linux
  • NMAP / ZenMap
  • Snort, YAIDS, Suricata, and Zeek
  • Nessus, Qualys, and OpenVAS
  • Metasploit
  • GoPhish, FiercePhish, and EvilGinx
  • Soft Skills
  • Verbal Communication
  • Written Communication
  • Problem-Solving
  • Efficiency and Automation
  • Document Tools (Office; Word, Excel, PowerPoint, etc.)
  • Creativity


Freelance & Consulting
June 2002 - Present

Maryland Defense ForceWarrant Officer, Cybersecurity Unit
May 2013 – May 2017

Community College of Baltimore CountyAdjunct Professor
August 2010 - January 2015

ICF InternationalNetwork Security Engineer and Researcher
October 2007 - October 2012

Constellation Energy GroupIT Technician
August 2006 - October 2007

HI–Tech Processing ServicesNetwork and Security Administrator
August 2005 - August 2006


Do you have a security concern you would like to discuss? Would you like to share feedback or ask Justin a question?

Email is the best contact method for Justin. If your matter is urgent, please indicate such in the subject of the email. If you would prefer, you may contact Justin via phone; however, you are encouraged to follow-up phone messages with an email.

If you wish to communicate in a secure manner, or if your content is sensitive, please utilize the provided public-key for encrypted email communications, be sure to include your public key in your communication.