I've been doing web development as my full-time job for the last 6 years and in that time I've worked with many different technologies for clients in many different industries including: law enforcement, non-profit, financial services, e-commerce, visual arts, and small business.
As fun as all that has been, I've always had an interest in InfoSec. I've lurked in security forums, subreddits, and websites for years and have an on-again, off-again relationship with studying security topics.
Well, I've decided to finally take the plunge into the InfoSec world and seriously pursue education in the field. Given my years of experience developing, securing, and maintaining web applications, Web App Pentesting seems like it could be a good fit; I'm extremely interested in coming at that topic from the other side.
This blog will serve as a journal of the things I learn and the mistakes I make along the way.
Hopefully some of this helps another person who is starting out either as a great resource or a cautionary tale. Ideally the former.