Pretty much like a dream, isn't it? Being able to hack big companies and get paid big money for it.
Well, it no longer is a distant dream. Assuming you know how to pentest and code efficiently under heavy amounts of stress, this job is for you. You'll act as an independent contractor and your main job is to find exploits in websites and report it to companies in order to get paid - if you take advantage of a serious vulnerability, you could end up facing serious jailtime, so the best option is to simply hand it in and get paid instead. Keep in mind that your exploit has to be reproduceable and fixed before you're able to get paid. If you're caught creating serious damage or taking advantage of the vulnerability you had just found, you'd likely be reported to local authorities for robbery, hacking, or simply asked to return back the money you took. I've seen a few cases of exploiters using a vulnerability to get paid for the actual pentest in the first place, and so far, it doesn't seem to be illegal as most companies do not detest to this specific practice aslong as the vulnerability ends up being fixed or if you tell them how to fix it - resulting in an efficient and speedy fixing process with little to no damage to their system.
Sounds pretty exhilirating, doesn't it? Yes, ofcourse it does.
It's glammorous when you look at it from a serious standpoint. You could make upto 400k usd in a single day if you're really skilled, and easily make millions a year if you've been coding for years, or are some sort of divergent thinker. Divergent thinkers always beat geniuses, especially in fields like this.
There are a ton of massive companies that want your help, here are a few more pages of them: