OWASP BLT: Secure the Web, Get Rewarded

Strengthen worldwide applications by finding and fixing security & coding issues through bug bounties and issue rewards. Earn money via GitHub Sponsors & BCH and get recognized with BACON, the first open-source security token on Bitcoin Runes.

Protect Applications

Safeguard your applications from security vulnerabilities.

Earn Rewards

Get rewarded for your security findings.

View Bounties

Automate Security

Streamline your security workflows.

NEW

Learn & Grow

Access expert-led security courses.

Start Learning
Register Organization

Recent Hackathons

Join our coding competitions, collaborate with the community, and win amazing prizes!

Security Hackathon 2024

Active

Organized by OWASP

Join us for an exciting security hackathon where you can compete with other security researchers and win amazing prizes!

Nov 01, 2024 - Nov 30, 2024
View Details

Web Security Challenge

Upcoming

Organized by BLT Community

Test your web security skills in this comprehensive challenge covering various vulnerability types and exploitation techniques.

Dec 01, 2024 - Dec 15, 2024
View Details
View All Hackathons

Community Leaderboards

Total Bounties Earned: $155

Top Earners

1 avatar SecurityPro
$50.00
2 avatar BugHunter
$35.00
3 avatar CodeMaster
$25.00

Top Bug Reporters

1 avatar SecurityPro
45 bugs
2 avatar BugHunter
32 bugs
3 avatar CodeMaster
28 bugs

TOP BLT PRs - Nov

1 avatar GitContributor1
15 PRs
2 avatar GitContributor2
12 PRs
3 avatar GitContributor3
10 PRs

Top Referrals

1 avatar Referrer1
20 pts 10
2 avatar Referrer2
16 pts 8
3 avatar Referrer3
12 pts 6

Our Components

Four key components power OWASP BLT. The core, mobile access, browser integration, and automation—working together to secure applications worldwide.

Django Core

The main engine powering OWASP BLT's system API and Slack Bot.

Star 1.2k Report a Bug

Flutter iOS App

Mobile application for on-the-go bug reporting and management.

Star 156 Download App

Chrome Extension

Browser extension for quick bug reporting and screenshots.

Star 89 Install Extension

GitHub Action

GitHub Action for automated security checks and reporting.

Star 45 Use Latest

Join Our Referral Program

Sign in to get your referral link and start earning points!

Sign In to Participate

Latest Activity

Latest Repositories

(24 total)
awesome-security-tools Python
vulnerability-scanner JavaScript
penetration-testing-kit Go
security-automation Python
web-security-checklist Markdown
View All Add Repo

Recent Discussions

(15 recent)
Best practices for SQL injection prevention
SecurityExpert 2 hours ago
XSS vulnerabilities in modern frameworks
DevSecOps 5 hours ago
How to get started with bug bounty hunting?
NewHunter 1 day ago
CSRF protection implementation guide
WebSecPro 2 days ago
View All New Discussion

Latest Bug Reports

XSS vulnerability in search form

Open
example.com
avatar SecurityPro
3 hours ago
15 High
View Details

SQL injection in login page

Resolved
testsite.org
avatar BugHunter
1 day ago
28 Critical
View Details
View All Bug Reports

Latest Blog Posts

Top 10 Security Vulnerabilities in 2024

SecurityEditor 3 days ago

Explore the most critical security vulnerabilities discovered this year and learn how to protect your applications from these threats...

Read more

Getting Started with Bug Bounty Programs

BountyExpert 1 week ago

A comprehensive guide for beginners looking to start their journey in bug bounty hunting and ethical hacking...

Read more

Tools for Organizations

Organizations

Browse and manage organizations

 Register Organization

Add your company to our platform

 Domains

Manage website domains and assets

 Bugs

View and track reported vulnerabilities

 Issues

Track GitHub issues and tasks
Bounties

Set up and manage bug bounty programs

 Check-ins

Schedule and track security reviews

 Time Logs

Track time spent on security tasks

 Trademarks

Search and monitor trademark usage

 Map

View global security activity

Tools for Projects

Projects

Manage your security projects

 Repositories

Connect and monitor GitHub repos

 Bid on Issues

Place bids on open issues

 Funding

Manage project funding & rewards

 Bacon

Earn & manage Bacon tokens

Tools for Users & Teams

Users

Manage team members

 Teams

Create & manage teams

 Challenges

Security challenges

 Leaderboards

Track achievements

 Badges

Earn achievements

 Analytics

Team performance

Corporate Supporters

BLT is an official OWASP project, adhering to the highest standards of open-source security.

Sentry provides BLT with a free plan for error monitoring and performance tracking.

Google supports BLT through Google Summer of Code, fostering student contributions.

Donate to the BLT project to support our development and have your logo featured here. Become a Supporter

Get Involved

Join our community and help make the internet a safer place.

Join the Community Explore Projects Roadmap Support Us