Hans-michael Varbaek is a Senior Security Consultant with over a decade of hands-on experience in web application security, penetration testing, and vulnerability research, currently based in Copenhagen. He has presented advanced exploitation techniques at major conferences including multiple Black Hat Europe Arsenal talks and Kiwicon, and holds OSCE and OSCP certifications. His work spans red-team engagements, methodology development for large multi-country assessments, and improving report quality and reproducibility across teams. Hans-michael combines deep technical research—finding zero-days and moving XSS to RCE—with practical delivery, mentoring junior testers and standardizing testing approaches for consistent results. He has contributed to PenTest Magazine and participated in elite platforms like Synack and Cobalt, reflecting both community leadership and trusted commercial practice. An organizer of community events (Alt33C3) and an Arctic Code Vault contributor, he brings a mix of public research, operational security, and event-driven collaboration to every engagement.
12 years of coding experience
6 years of employment as a software developer
C (Scale: ECTS), IT-Administrator (System Administrator), C (Scale: ECTS), IT-Administrator (System Administrator) at Aarhus Business College
Contributions:7 commits, 1 push in 1 year 5 months
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Hans-michael Varbaek - Senior Security Consultant at VarBITS