There’s so much to learn it feels never-ending — the more you learn the less you know. The great thing about hacking though is even if you are a beginner there’s money that can be made while you gain experience, I guess that's why you are here. To make money hacking...
If you're new to hacking, check out this article to get you on the right track: How To Become a Hacker in a Year!
How do hackers make money?
Whether you want to take your hacking skills corporate or freelance, I want you to remember to always stay on the ethical side of the internet. You can’t treat this like a game, what you are about to do is ‘attack’ real-life companies. It’s about finding the weaknesses, not exploiting them. So how do hackers make money? Here are five ways you can make money hacking in 2021!
1. Bug Bounties
You probably know what a bug bounty is even if you don’t recognise the name. You know when big-shot hackers get a six-figure bonus for a job, well, that’s a bug bounty. Big tech companies (like Google) will invite a talented group of security researchers (hackers) to hack their software. These jobs are usually posted on bug bounty websites. If the hacker can identify a threat or a weakness in the software they usually get a cash reward and get ranked on a hacking leaderboard. Although a lot of hackers who hunt for bug bounties do manage to pocket some extra cash on the side, not every hacker should expect to get a huge payday. It’s still pretty cool considering a lot of these guys started hacking as a hobby. I’m not saying the bounties are simple either, so don’t think the money comes easy.
From my perspective, I began hacking with no prior knowledge or experience and after just three months I hacked my way onto the top 20 hacker profiles on intigriti. I made over €3,000 in this time, simply by finding logic vulnerabilities. My favourite bounty was actually one I found by accident. I put XSS attack vectors into input fields and was able to completely take over an account by stealing the session cookies. This accident made me €750.
So what I’m saying is it’s still worth a shot regardless of your experience, I’m a perfect example of that. Now I don’t hunt so many bounties, I prefer to focus more on penetration testing which brings me to my next point.
2. Penetration testing
A penetration tester is a hacker who gets hired by a client to test the required scope items. That’s a little vague but basically, when a company designs a new product or feature, penetration testing is required to ensure the product is safe from hackers or malware. The hacker follows a procedure based on what they are testing. A penetration tester can test many different things like APIs, product features, or a company's infrastructure.
Penetration testing jobs are on the rise, which means there’s money and plenty of opportunities. If you go get a certificate like an OSCP, it’ll help you stand out from the crowd. I recommend it. Also, a great thing to do while you're training to become a penetration tester is to start publicly sharing any info or research you might be learning. Community work is a great look for employers and it also builds up your online reputation and network.
So penetration testing is another great way to make money with your hacking skills. The thing is, it requires more training than chasing bounties. You need to be at a proficiency where you can comfortably work at a company that specialises in penetration testing. Which isn’t easy since it’s a lot of self-learning. There’s no school that teaches hacking. You kind of have to just test and try different attack scenarios, and be able to show it.
If you do land a job, well, good news, your salary can easily grow up to $100,000 (US). The average salary for a pentester is $86,241 with juniors generally starting out at $59,000, and quickly rising. Not bad money if you can get your foot in the door.
Ready to find a job you love?
Time to upgrade your tech career?Find me a job!
3. Training others
Now that you know how hackers operate, you can help others by teaching them how to hack ethically or defend themselves against bad actors. You can help contribute to a safer internet by informing people about the dangers and training them on how to defend themselves all while making some extra doe. If you are really passionate about training, you could go full-time, there’s ample opportunity between emerging technologies and better tools.
Besides teaching online, it’s always helpful for experienced hackers to share what why to know with the newbies. Youtube is a great place to start for example. You can upload videos where you talk about your experiences and share thoughts and techniques. You can grow an audience and create another revenue stream if you’re really dedicated. Remember, it only takes 1,000 hours of watch time and 1,000 subscribers, for you to start earning money.
For the camera-shy, how about a blog? Write down all the new things you learned. There are sites like Medium which can earn you money for your writings, and offers a place to grow an audience. Whatever it is, YouTube, Medium, Twitter — the earlier you start building your audience the better.
And look, down the line, once you’ve mastered some hacking skills, you might wanna create some courses, like me. There’s a bunch of platforms, Udemy is probably one of the most popular but see what works for you!
4. Helping people after a cyber attack
With covid-19 rising, we also saw a big increase in cybersecurity attacks on companies and consumers. With your newfound knowledge of these cyberattacks, you might be able to help the victims of these attacks recover and if you are providing them with tech support, you can certainly make some good coin with this method. You can possibly offer to remove any viruses that were installed or possibly try to recover data from a crashed system.
I made sure to let every business near me know that I was a security engineer and that if they needed me, they could always reach out to me. About 2 days after I gave my number to a local car dealership they got hit with a crypto locker. These viruses are designed to encrypt all of the user's files and demand ransom for the key to decrypt them. Luckily I had an unlocker for this specific virus and I was able to decrypt all the files with no damage done. Needless to say, they were very grateful for this.
You don’t have to go that big though, you can also start smaller and just help out a family member or friend in need. There’s always a relative who needs a repair, and you can let them know if there’s a crisis situation you’re there to help. It’ll prevent a lot of damage plus you’ll build up your experience and resume.
Lastly, it never hurts to put out posters that contain descriptions of what you are capable of in locations that allow it. People in need might see this and contact you. I’d mention what your prices are as well to help them make a more informed choice.
5. Doing research into hacking
If you are the kind of person that likes to take everything to the extreme and to be at the forefront of a field, there’s great potential in hacking. It might not seem like it because when you discover something completely new, there seems to be no immediate reward. For example, we can report defects to companies that we have found but if they are unresponsive and don’t really perceive the threat, there’s not much we can do.
After the issue has been fixed however and on the condition that you leave out any details that might reveal your target, it's possible to start writing or producing videos about what you found and how you did it. There are a lot of hackers who are always interested to learn new things and you can get paid to start if a blog or youtube channel gets popular enough. You can keep growing these social media channels as you go along and make new discoveries.