If you work in IT, start bug hunting. There are tons of bug bounty programs where companies will pay you $50-$500 or more per bug found. Hypothetically you spend a couple months learning the basic attacks, write some scripts / payload package to test, go to a bug bounty site, and let 'er rip. Something like 95% of sites + mobile sites are vulnerable to some of the most basic attacks. And if you happen to find a day-zero bug you can get beaucoup bucks from the company.
|