MCP ZAP Server

MCPOpen SourceMIT54.4

by dtkmn • Uncategorized

Exposes OWASP ZAP as an MCP server to enable AI agents to orchestrate ZAP actions.

Example Use Cases

1
Automate OWASP ZAP scanning and reporting via MCP protocol.
2
Secure, token-based access to ZAP functionalities in production.
3
Integration with OpenAPI specs to trigger scans and generate findings summaries.

Description

MCP ZAP Server is a Spring Boot application that exposes OWASP ZAP functionalities such as spidering, active scanning, and report generation as MCP tools. It allows any MCP-compatible AI agent to control ZAP actions programmatically, eliminating manual CLI calls and brittle scripts. The server supports secure API key or JWT authentication modes, URL validation, and configurable scan limits, making it suitable for both development and production environments. It is dockerized for easy deployment and integrates with OpenAPI specs for automated scanning.

Quick Actions

View on GitHub

Security

Scanned 2 month(s) ago

Risk Level

MINIMAL

Read-only data retrieval, no side effects

Trust Score

C51/100

6/17 checks passed

Scores are informational only and provided “as is” without warranty. AgentHotspot assumes no liability for actions taken based on these ratings.

Quick Stats

Service TypeMCP

Pricing ModelFree

Capabilities0 Tools / 0 Prompts / 0 Resources

Ownerdtkmn

CategoryUncategorized

DependenciesStandalone