OWASP Risk Assessment Framework

The OWASP Risk Assessment Framework

Build Status Codacy Badge GSOC 2019 Repo Size Contributions Welcome Last commit OWASP Incubator PRESENT PRESENT MIT license

The OWASP Risk Assessment Framework consist of Static application security testing and Risk Assessment tools, Eventhough there are many SAST tools available for testers, but the compatibility and the Environement setup process is complex. By using OWASP Risk Assessment Framework’s Static Appilication Security Testing tool Testers will be able to analyse and review their code quality and vulnerabilities without any additional setup. OWASP Risk Assessment Framework can be integrated in the DevSecOps toolchain to help developers to write and produce secure code.


  • Remote Web Deface Detection (Optional)
  • Static Application security Testing

Web Deface Detection

Web Deface Detection Installation

  • cd web_deface/
  • pip install -r requirements.txt
  • python web_deface.py <notif arguments>
  • For more detailed information, refer to the user guide
    we have update related web deface detection please see video Youtube

    Static Application security Testing (Under Develoment)

  • For more detailed information, refer to the user guide

    Demo RAF SAST Tool


Demo-2 __

Join Our Telegram Channel



Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.