Now I know that a lot of people will not like this answer and you certainly do not have to follow this method if you don’t wish to.

But the answer is:

Vulnerability Disclosure Programs

These programs are generally frowned upon by the majority of skilled hackers, as they do not pay anything for valid vulnerabilities. Because they are overlooked, however, they are the easiest and fastest way to find high-ranking, valid vulnerabilities.

However, you do not absolutely need to follow this method to do well. A lot of people start out focused on paying bug bounty programs, as XSS is still relatively easy to find. The issue is that most people new to bug bounties get so excited to find an XSS that they report it immediately and end up with only a medium or P3 finding. To earn more and higher-quality private invites, find a way to escalate those XSS findings before submission!

Picking a platform

So I will say that I only really have experience in dealing with HackerOne and BugCrowd right now. They are both good platforms, although I personally feel that BugCrowd is a lot more beginner-friendly and HackerOne is better for the more experienced. I am sure you will do amazing in whichever you choose!

HackerOne

HackerOne offers the ability to learn on its platform and complete free capture-the-flag labs for points toward private program invites. I do believe that this platform is the only one that gives you an opportunity to get private invites at all before having any valid submissions. However, this platform does not reward you with anything for your time and effort if your submissions turn out to be duplicates. It is more difficult to get valid submissions on this platform, but it did swarm me with far more private invites than I knew what to do with as soon as I did!

BugCrowd

This platform rewards you even for finding duplicates by adding them to your total vulnerabilities found and your achievements! It gave a decent number of private invite requests, but it also has a section listing private programs that you can choose to join once you meet the requirements. The requirements are easier to meet since even duplicates count as valid vulnerability findings.

Apologies if I did not cover a platform that you are interested in. There are so many to choose from, and you are in no way required to pick from these two. They are merely examples from my own experience. If you do have any suggestions on platform(s) I should try and write about, feel free to contact me, as I am always open to suggestions and love trying out new things!