Breaking Into Open Source This Summer? Start with OWASP BLT

saksh — Thu, 16 Apr 2026 15:31:47 +0000

As summer approaches, open source sees a steady wave of new contributors.
Each year, developers explore repositories, review issues, and look for meaningful ways to get involved.

The challenge is rarely writing code. It is understanding the system well enough to contribute effectively.

This summer, OWASP BLT is participating in the Social Summer of Code (SSOC), a three-month program focused on open source contribution, learning, and collaboration. It brings together contributors from diverse backgrounds to work on real-world projects, submit pull requests, and actively engage with the open source ecosystem.

About OWASP BLT

OWASP BLT (Bug Logging Tool) is a community-driven OWASP project developing open source tools for vulnerability reporting, bug tracking, and security automation.

The project spans APIs, dashboards, applications, bots, and ongoing research under OWASP. This is designed to make security workflows more practical, structured, and accessible for developers and teams.

Ongoing Deletion Program

Alongside regular development, OWASP BLT is running an ongoing deletion initiative.

Contributors review the repository, identify unused or unnecessary files, and remove them. Each valid contribution is rewarded with $1.

This effort focuses on:

Supporting the ongoing migration to separate and more structured repositories
Maintaining a clean and efficient codebase
Improving long-term maintainability
Helping contributors understand the structure of a real-world project

It also provides a simple and practical entry point for those beginning their open source journey.

Contribution Opportunities During SSOC

As the program progresses, more areas of the project will be opened for contribution, including:

Clearly defined and beginner-friendly issues
Opportunities across different parts of the stack
Active collaboration within the community

Whether you are exploring open source for the first time or looking to contribute to security-focused tooling, OWASP BLT offers a structured and meaningful way to get involved.

Get started 🚀

Explore the repository and start contributing:
https://github.com/OWASP-BLT/BLT.

The first step in open source

saksh — Wed, 04 Mar 2026 13:08:02 +0000

Back in October, I read a blog by GSoC contributor.

He talked about how he started, how he discovered open source, what he worked on, and how his journey unfolded. I already knew what open source was. I knew what GSoC was. I had watched the videos. I had read many blogs too.

But knowing something and stepping into it are two very different things.

I had this quiet dream of one day having that GSoC badge on my profile. And to have that, you need to contribute to open source.

But my brain kept whispering:

“What if you change one line of code and accidentally take down production?”

There’s also this narrative you sometimes see online that students (especially from India) “pollute” open source with low-quality contributions.

So my biggest fear wasn’t just breaking production with my code but also criticism .

In that blog, he mentioned his first PR in OWASP BLT. It was a small simple pr. And I thought if I could find something like that, maybe even I can contribute. So, I explored the organization.

Every page.

Every link.

Everything just to spot a small issue which I could handle.

And after some chaotic scrolling and determined clicking, I found what felt like buried treasure:

A broken link in the contribution guide. It was just a small href issue.
It really felt like mirage lol. I went to their repo , read the contributing guidelines, I set up the codebase and installed all the prerequisites.

When I solved the issue, the pre-commit kept failing. And I was like this is the end. It’s not going to work. It took me 5 hrs to solve everything. Eventually it worked and I raised the pr on 1st november 2025.

drum roll

And the very next day pr was merged.

Press enter or click to view image in full size

I remember, I kept visiting the site just to check my change lol. That tiny broken link was my entry into OWASP BLT and open source as whole.

And I’ll always be grateful for the blog, BLT.

Because fast forward to today, I have 20+ prs merged in this org.I learned how to interact with maintainers, contribute to real-world problems, and even give peer reviews.

I used to think open source was reserved for genius developers , turns out all I needed one first step forward.

If you’re still reading and hesitating. Go and explore https://github.com/OWASP-BLT.
You might find your own “broken href” moment.

And that tiny fix?
It might quietly change your trajectory.

Like it changed mine.

And yes, don’t treat open source like a competitive exam.

It’s about learning by working on real-world applications.

It’s about realising that your small change can help many people. That feeling is so powerful.