A gamified platform for discovering and reporting bugs across websites, apps, git repositories, and more
Website • Contributing Guide • Join Slack • Report Bug
OWASP BLT (Bug Logging Tool) is a gamified crowd-sourced QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more.
The platform helps coders and security researchers discover organizations, repositories, and projects to test and report to, making it easier to find meaningful security work and contribute to the community.
Our team has created dozens of open-source tools to assist in our main vision, including tools specific to the OWASP foundation. We embrace the AI revolution and have developed AI-powered tools and processes for efficient coding in harmony between humans and AI.
Built by the community for the community, BLT makes it easy for security researchers, developers, and organizations to collaborate on finding and fixing vulnerabilities.
- QA Testing & Vulnerability Disclosure - Discover and report bugs across websites, apps, git repositories, and projects
- Discover Testing Opportunities - Find organizations, repositories, and projects to test and report to
- Rewards & Recognition - Earn rewards, badges, and recognition for your contributions to software quality and security
- Crowd-Sourced Testing - Join a vibrant community of testers, security researchers, and developers
- Gamification - Leaderboards, challenges, and competitions to make testing engaging and rewarding
- Staking System - Innovative blockchain-based reward system for contributors
- AI-Powered Tools - Leverage AI for efficient coding, PR reviews, issue generation, and similarity scanning
- Comprehensive Dashboard - Track your progress, statistics, and impact across all platforms
- Open Source Ecosystem - Dozens of open-source tools supporting our mission
- OWASP Project - Part of the Open Worldwide Application Security Project family
- Python 3.11.2+
- PostgreSQL
- Docker & Docker Compose (recommended)
# Clone the repository
git clone https://github.com/OWASP-BLT/BLT.git
cd BLT
# Configure environment
cp .env.example .env
# Build and start
docker-compose build
docker-compose up
Access the application at http://localhost:8000
# Install dependencies
pip install poetry
poetry shell
poetry install
# Set up database
python manage.py migrate
python manage.py loaddata website/fixtures/initial_data.json
python manage.py createsuperuser
# Run the server
python manage.py runserver
For detailed setup instructions, see our Contributing Guide.
We welcome contributions from everyone! Whether you're fixing bugs, adding features, improving documentation, or spreading the word, your help is appreciated.
- Read our Contributing Guide
- Check out open issues
- Look for issues tagged with good first issue if you're new
- Follow our coding standards (Black, isort, ruff)
- Run pre-commit before submitting changes
- Website: owaspblt.org
- Slack: Join OWASP Slack
- Twitter: @OWASP_BLT
- Sponsor: Support the project
- Contact: Reach out through GitHub issues
This project is licensed under the AGPL-3.0 License - see the LICENSE.md file for details.
⭐ Star this repository if you find it helpful!
Made with ❤️ by the OWASP BLT Community