i have follow the forum sometime and learned a lot，but has never post a topic，today，i am wonder how a independently security researcher to make a living，there may may be some one can share the experience or your “story“ about you how to earn money？ like bug boundary？
This is a good question, but I recommend that you ask it on IRC instead, because it’ll be quicker and more casual – better for this topic…
I think bug bounties would be a good place to start. Major companies like Facebook offer huge bounty amounts for discovering bugs.
How do I or you make a living? Good question and there’s number of answers. I’ve been looking at jobs for several companies and most of them surprisingly only require that you’re 18 or older and at least willing to learn, but of course the ignorant require BS. There’s also such thing as freelancing and one such site is (ironically):
and there’s also Upwork which I don’t recommend it (requires a lot of personal information).
There’s a lot of answers to this, but freelancing, even though tough, is still possible and is in my opinion one of the best ways. Of course this’ll require a part time job until you get on your feet.
There’s also the option of creating your own site and knocking door to door of businesses to promote yourself. One such example is my site that I’m recently trying to become a independent software engineer. Of course, my focus is software engineer, but… this example applies to security researcher also.
I guess it also depends on how much you’re willing to work for your goal, but remember, happiness == success not success == happiness.
I hope that helps to answer your question.