Finally, it is my turn! I really enjoy the idea of sharing my thoughts here.
Since NibbleSec is a multi-author blog, I'm not going to bore you with low-level stuff - Snagg is just enough!
For fun (and profit) I'm usually involved in web application pentests and lately in Java security. It is kind of fun, and this is usually the easiest way to get a shell these days.
I'm just back from IT Underground Prague, where I gave a speech about Apache Tomcat security and TomcatZOO, one of the first NibbleSec projects. While waiting for the release of the tool, you may enjoy the presentation.