The OWASP Risk Assessment Framework: Static Application Security Testing
The OWASP Risk Assessment Framework
The OWASP Risk Assessment Framework is a static application security testing and risk assessment tool.
Introduction to Problem
There are hundreds of SAST tools available for a penetration tester to choose from, and there are frameworks to assess the risk of a security flaw. But in the OWASP Risk Assessment, testers have to manually input the test results from each and every tool to get a relative approximation. This makes the assessment a separate component from all other tools.
Features
- Web Deface Detection
- Scanning Tools based on OWASP Top 10
- Risk Assessment Tools
- Static Application Security Testing
Download
git clone https://github.com/OWASP/RiskAssessmentFramework.git
Web Deface Detection Installation
cd web_deface/
pip install -r requirements.txt
python web_deface.py <notif arguments>
Copyright (c) 2019 Ade Yoseman Putra
Source: https://github.com/OWASP/