I am trying to enter into the web application security field. I am somewhat overwhelemed because I have A LOT of vulnerable web applications (OWASP Broken Web Apps, OWASP Security Shepherd, PenTestLab), and I also enrolled in eLearnSecurity and PenTestLab.
My question is, for those in this field, what where your first steps? I clearly have a lot of information (see paragraph above), but I feel like I am not using my time in the most effective manner.
Also, I have a blog passionforpentesting.wordpress.com. I am trying to revitlize the blog again this year, and my goal is to have it as an interactive place for people who want to enter this field. If you can please go to the site (I must warn you in advance the posts are pretty bare), and give suggestions that would be great!
I should re-iterate I REALLY want to transition over to this field, as I am a Application Developer now. This isn't a hobby that I will drop in two months, I've been trying to get into this field for over 2 years, and it seems I am always meet with a brick wall...