I have a background in system administration and programming.
The first time I saw code vulnerable to SQL Injection an alarm went off in my head.
Immediately I could see the problem, the user name was being put right into the SQL query. Anything the user typed in would run as part of the SQL command.
A little piece of trivia came to me, I'd heard of this before. Bobby Tables. As I hadn't worked with server side languages before security wasn't an issue. This however was a whole new world and I needed to get up to speed... and fast.
From there I found OWASP and was hooked.
Instead of just fixing the web app flaws I learned about and moving on, I kept digging and digging.
This is my journey from Zero... to zero day.
In this blog I don't want to just do "look what I did!" posts, I want to touch on core security and coding concepts whenever I can. That way the information will be accessible to a wide range of readers.