Stan van der Vleuten

00 · about

I'm Stan, or wobbat online. I work as a security researcher and team lead at WhiteHats, an offensive security company in the Netherlands. Most of my work is practical security research: reading code, tracing how systems behave, and finding exploitable edge cases.

I don't like stopping at “this is vulnerable.” That gives me little fulfillment. I want to understand why it was vulnerable, and the path that got it there: the assumptions, shortcuts, interfaces, and missed details that made the bug possible.

I'm neurodivergent, which mostly means too many open tabs, too many questions, and a hard time leaving a system alone until it makes sense. Outside work I drink coffee, read fantasy novels, and walk around with a camera.

01 · specs

role
senior offensive security consultant & team lead
focus
application security · embedded systems · linux · secure code review · AI-assisted offensive workflows
time in field
7+ years
based
netherlands
speaks
nl · en

02 · path

  1. now

    Talking with AI

    Am I losing my mind?

  2. 2024

    Senior Security Consultant · WhiteHats

    Senior application security work across web, native desktop, mobile, embedded, and IoT systems. Team lead for a small group of security specialists, primary client contact through scoping and delivery, and technical lead for embedded security assessments covering firmware, Linux-based devices, communication stacks, and system-level components. Driving AI adoption and integration across offensive security workflows within the company.

  3. 2021

    Security Specialist · WhiteHats

    Application security assessments across web, native, and mobile. Reporting, stakeholder presentations, and secure-design advisory to development teams.

  4. 2019

    Ethical Hacker · IP4Sure (now Cyberlab)

    First pentester on staff, playing a leading role in establishing the company’s penetration testing service from the ground up. Infrastructure and web application pentesting, including manual vulnerability discovery, exploitation, impact analysis, reporting, and client advisory across the development lifecycle.

03 · education

  1. 2015 — 2019

    BSc ICT & Cyber Security · Fontys Hogeschool

    Cum laude

04 · links

github
@wobbat
linkedin
stanvdvleuten
photos
wobbat.com/photos
email
mail@wobbat.com