Is it actually possible to make any good money doing that or am I better off doing surveys or some shit for money on the side lol

  • Sphere [he/him, they/them]@hexbear.net
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    11 months ago

    Never done any myself, but I believe it’s possible to make decent money at it if you know what you’re doing–but that requires some familiarity with computer and/or network security; they’re not just paying for finding any old bugs, they only pay for exploitable vulnerabilities (and they will often argue about what is and isn’t exploitable). There are also legal risks to be considered; if you accidentally access sensitive data in the process of vuln-hunting, you could be at risk of prosecution, and there can be legal risks in communication/negotiation with the company, too (though I’m not really too knowledgeable about what those are, tbh).