RiskAssessmentFramework – Static Application Security Testing

The OWASP Risk Assessment Framework consist of Static application security testing and Risk Assessment tools, Eventhough there are many SAST tools available for testers, but the compatibility and the Environement setup process is complex. By using OWASP Risk Assessment Framework’s Static Appilication Security Testing tool Testers will be able to analyse and review their code quality and vulnerabilities without any additional setup. OWASP Risk Assessment Framework can be integrated in the DevSecOps toolchain to help developers to write and produce secure code.


  • Remote Web Deface Detection (Optional)
  • Static Application security Testing

Web Deface Detection

Web Deface Detection Installation

  • cd web_deface/
  • pip install -r requirements.txt
  • python web_deface.py <notif arguments>
  • For more detailed information, refer to the user guide  
    we have update related web deface detection please see video Youtube

Static Application security Testing (Under Develoment)

  • For more detailed information, refer to the user guide

Demo RAF SAST Tool

wanna contribute this project dm me via twitter @johnleedik

Project Lead

Download RiskAssessmentFramework


This is only an educational purposes only I am not responsible for further activities

Join my forum and learn more ethical hacking and penetration testing


Get me at







Leave a Reply

Your email address will not be published. Required fields are marked *