I"m a developer, I recently began eLearnSecurity's course and found the web application section to be very informative and relatively simple to understand for someone with a development background. "The Web Application Hacker's Handbook" is also really good for learning.

Near Near York City, not where I am originally from but have been here for a while.

Just wanted to go ahead and introduce myself, I am a mid-level web application developer currently working in .NET. I spent some time on personal/education projects using Ruby on Rails, used Adobe Flex in the past. I have a bachelors in Computer Science which I got in 2010.

I am very interested in Security having initially taken some courses in college. While the classes were interesting, their difficulty at the time discouraged me from pursuing this field (classes were mostly graduate students, I was one of the few undergrads brave enough to take the class, so I didn't do so well).

I recently decided to seriously move into security, primarily interested in application security (penetration testing ,code reviews), during my research I found this forum. I was impressed with how informative it was and decided to join. I also enrolled in the eLearnSecurity course based on the fact that it was highly reviewed by members of this forum.

I guess that's about it, I am currently located in New York State although in the past I did live in several different countries in Europe in Asia.

Thank you for your answers and Happy New Year. I am currently an (web) application developer considering moving into security, so the application side is much easier for me to understand but I'll definitely try to learn the basics of both.

Hello, hopefully this is the right part of the forum to post this. I am trying to learn more about a career in penetration testing. I was wondering, do testers tend to specialize in either Network penetration testing or Application penetration testing, or do they tend to do both?

Thank you