[tradesmanhelix]

Thank you for the advice - greatly appreciate it! Regarding your comment:

> if you have solid experience as a full stack web developer then I would suggest finding a way to pivot off that expertise (web application security, infrastructure, etc) rather than diving into the Shellcoders Handbook, x86, and K&R, which are going to be more tailored towards reverse engineering and vulnerability research.

I've been focusing on those areas because they are what legitimately fascinate me. I enjoy web dev, but I'm finding my passion (as indicated by what I like to research and learn about in my free time) is low-level stuff: operating systems, C programming and associated vulnerabilities, assembly language, etc.

The interaction between software and hardware has always fascinated me (1997 when we got our fist computer: How does this hunk of plastic and silicon do that??), and I feel like that's where I want to go long-term.

[kdv]

That's great! Certainly not saying you should abandon those efforts, but see if you can find a security shop that has experienced researchers doing what you want do and sell them on your value based on what you already know and have experience with. It's one of many approaches, but it worked for me when I had limited outside time to devote. Good luck!