Tools: Open Source Journey: Contributing to OWASP BLT

Source: Dev.to

## Introduction

I started my journey with open source when I was applying for Summer of Bitcoin ’25 and got rejected in the proposal round. It was a setback for me, yes. But after that, I worked on my skills and changed my approach.

This time, my goal was not just to get selected somewhere. I wanted to choose an organization that I genuinely liked and contribute to it in such a way that even if I didn’t get selected, I would still be proud of the real-world progress and contributions I made. That’s when I started exploring, and OWASP caught my attention — especially its BLT (Bug Logging Tool) project.

One of the most positive things about the community was how welcoming everyone was. Donnie guided us even through small, seemingly silly steps without ever making us feel small. That support meant a lot.

This was the phase that shifted me from “building projects” to “contributing to a production project.” And that shift changed everything.

## What is OWASP BLT?

OWASP BLT (Bug Logging Tool) is an open-source OWASP project that provides a single landing page and workflow for collecting public bug reports, safely routing sensitive security vulnerabilities to BLT-Zero, and giving transparent recognition to contributors through a live leaderboard driven by GitHub issue activity.

It follows a security-first approach and has a very active community behind it. At the same time, it is beginner-friendly, which makes it a perfect place for anyone who wants to start contributing to open source without feeling overwhelmed.

## My Learnings

The things I learned while contributing are not limited to coding. I learned better communication — how to explain ideas clearly, how to ask the right questions, and how to respond to feedback properly. I learned how to understand large codebases and think with a security-first mindset instead of just “making things work.”

Another interesting aspect of BLT is how openly it embraces AI. It actively encourages contributors to use AI tools in their workflow and even integrate AI into development practices. That exposure changed how I approach problem-solving and coding in general.

Peer reviews were another huge learning experience. The feedback I received on my PRs helped me improve a lot. At the same time, reviewing others’ PRs forced me to deeply understand their code, logic, and design decisions — which was learning in itself.

Honestly, I can say I’ve learned more in these past few months contributing to BLT than in the previous year of building projects just to impress myself and then leaving them unfinished. (Sad reality of most side projects.) Contributing consistently to a real production project feels different. It feels meaningful.

## Advice to New Contributors

My advice to new contributors is simple: start small. Don’t be overwhelmed. OWASP is a very beginner-friendly organization. If you are respectful to your peers and genuinely willing to learn, the community will always welcome you — even if you don’t know everything yet or are still figuring things out. (Just got reminded of the favorite rat of our huddles.)

Don’t be afraid to ask questions. Respect maintainers’ time. And most importantly — stay consistent.

Chase this dopamine guys!!!