Justin Steven

Director Of Research at Tanto Security

Melbourne, Victoria, Australia
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Justin Steven is a Director of Research and seasoned computer security professional with over a decade of hands-on experience in incident response, application security, and secure code practices. He leads research at Tanto Security, cultivating consultant-driven investigations and practical exploit research while bridging commercial program needs and deep technical curiosity. Justin’s background includes senior roles in product and application security at major technology vendors and a telco, giving him a strong track record of building secure development programs and remediation pipelines. An active open-source contributor, he has patched vulnerabilities in Metasploit and enhanced exploit tooling in pwntools, demonstrating both offensive expertise and responsible disclosure. Based in Melbourne, he combines an academic grounding in network security with a practitioner’s focus on measurable risk reduction and tool-driven research.
code11 years of coding experience
job9 years of employment as a software developer
bookBachelor of IT Networks Information Security, Bachelor of IT Networks Information Security at QUT (Queensland University of Technology)
stackoverflow-logo

Stackoverflow

Stats
101reputation
0reached
0answers
0questions
github-logo-circle

Github Skills (21)

shellcode10
penetration-testing10
ctf10
python10
vulnerability10
meta10
patch10
it-security10
command-injection10
security10
ruby10
exploit10
roo10
vulnerabilities10
meta-framework10

Programming languages (12)

TypeScriptJavaC++ShellCRustJavaScriptGo

Github contributions (5)

github-logo-circle
Gallopsled/pwntools

Jun 2016 - Apr 2022

CTF framework and exploit development library
Role in this project:
userSecurity Engineer
Contributions:6 commits, 8 PRs, 22 comments in 5 years 11 months
Contributions summary:Justin primarily contributed to the `pwntools` CTF framework by improving and adding features related to exploit development. They introduced the `cyclic_metasploit` and `js_escape/js_unescape` functions, enhancing the framework's capabilities for generating patterns and encoding/decoding JavaScript strings, both useful in exploit scenarios. Furthermore, the user addressed bugs and improved existing functionalities by fixing typos, and correcting docstrings within the `cyclic` and `fiddling` modules, demonstrating a focus on code quality and usability for security researchers.
pythonctfpython2ropshellcode
rapid7/metasploit-framework

Apr 2016 - May 2021

Metasploit Framework
Role in this project:
userSecurity Engineer
Contributions:1 review, 23 commits, 12 PRs in 5 years 2 months
Contributions summary:Justin's commits primarily focus on the Metasploit Framework, specifically addressing security vulnerabilities. Their contributions include patching command injection vulnerabilities in the msfvenom module and related APK template handling, as well as fixing bugs. The user also made changes to address other vulnerabilities. The work showcases expertise in identifying and mitigating security risks in penetration testing tools.
metasploitmetasploit-framework
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Justin Steven - Director Of Research at Tanto Security