The purpose in making this blog is to have a platform to assemble my reports and findings, and to develop a stronger understanding of these various topics surrounding web application security testing. Hopefully I can also teach and provide others with a new perspective on approaching web application testing at the same time. At the moment, I am focused mainly on web application testing, but as my knowledge-base expands I plan to expand to other areas of penetration testing. I know that this field is heavily dependent on sharing within the community, so I will do my best to thoroughly explain things and reiterate over the things that I had initial confusion about. I’m not always 100% accurate so feel free to correct me, as I would like to put out the most accurate information possible.