Bug hunting, is it worth it?
Short answer ... no
Here are 4 verified bugs I submitted, from major sites, and was never paid for, with evidence
The prank a Facebook follower one.
Basically this bug allows a user to upload a status on how amazing the tories are, only for the person sharing it to re-share a picture of a the Uk's post brexit economy as a sheep being attacked by loads of wolves
Try it now, that's not a feature, it's a bug.
The "poison Facebook's advertising database one".
Facebook track user's offline, this exploit allows me to claim to be the original user, and point their (encrypted) Facebook ID to a site for those with a fetish foe penguins.
The GitHub (owned by Microsoft), eternal student one.
Students get free access to online tools (worth thousands of pounds per student, verified by their .ac.uk address (or .edu in America), change the .ac.uk student address and get student perks for the resat of your life, thanks M$
The National Express (UK coach company, Value 27/9/2022 £1.14 billion
On the National express app, searches for Victoria coach station come us as null, meaning "not listed", and therefore can't be booked under teh exploit reported.
There is Open bug bounty a place where you can keep multi-billion pound companies secure by brokering vulnerabilities for ...
A pat on the head.
Come on, your companies are sometimes worth trillions, is money so tight that you can't pay people who stop you being taken offline?