Risk Assessment Framework : Static Application Security Testing

The OWASP Risk Assessment Framework consist of Static application security testing and Risk Assessment tools, Eventhough there are many SAST tools available for testers, but the compatibility and the Environment setup process is complex.

By using OWASP Risk Assessment Framework’s Static Application Security Testing tool Testers will be able to analyze and review their code quality and vulnerabilities without any additional setup.

OWASP Risk Assessment Framework can be integrated in the DevSecOps toolchain to help developers to write and produce secure code.


  • Remote Web Deface Detection (Optional)
  • Static Application security Testing

Also Read – Blinder : A Python Library To Automate Time-Based Blind SQL Injection

Web Deface Detection

Web Deface Detection Installation:

cd web_deface/
pip install -r requirements.txt
python web_deface.py

Demo RAF SAST Tool

Risk Assessment Framework : Static Application Security Testing

Credits : Ade Yoseman Putra, AZZEDDINE Ramrami , Rejah Rehim