About

I'm Stan, a Senior Offensive Security Consultant based in the Netherlands. Online, I usually go by wobbat.

I currently work as a Security Researcher and Embedded Team Lead at an offensive-focused security company. I work across embedded and application security, taking the lead in improving our embedded, firmware, and low-level testing capabilities and knowledge, while also shaping and implementing our internal vision for using AI in offensive security.

I also give the odd talk or workshop and love sharing what I've learned, as well as learning from others.

My work covers hardware and firmware as well as web, mobile, and desktop applications, and pretty much any kind of software. This spans hardware analysis, white-box pentesting, deep-dive code reviews, architectural analysis, and general security consultancy.

I am also neurodivergent. While this often results in a chaotic number of open browser tabs, it fuels my need to fully understand how things work. I do not just look for a way in or a shell. I want to deconstruct systems down to their core to understand why a vulnerability exists in the first place. For me, security is driven by curiosity and a love for the puzzle, whether that means finally understanding Spring Boot internals or keeping up with how AI is reshaping threat models.

What you'll find here

This blog is a place to document how I learn and work. I write about how I approach systems, from low-level internals to all kinds of software, and sometimes about new developments or life itself.

Topics include security research, tooling, Linux workflows, perspective on working in tech with a neurodivergent brain, and occasional creative side projects.

When I am not breaking software, I am usually drinking coffee, reading fantasy novels, or wandering around with my camera (you can check out my photos here).

Want to reach out or discuss something? mail@wobbat.com | LinkedIn | GitHub