mcp-zap-server

mcp-zap-server

3.3
security

If you are the rightful owner of mcp-zap-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

MCP ZAP Server is a Spring Boot application that exposes OWASP ZAP as an MCP server, allowing MCP-compatible AI agents to orchestrate ZAP actions.

The MCP ZAP Server is a Spring Boot application designed to expose OWASP ZAP functionalities as an MCP (Model Context Protocol) server. This setup allows any MCP-compatible AI agent, such as Claude Desktop or Cursor, to manage ZAP actions like spidering, active scanning, importing OpenAPI specifications, and generating reports. The server is dockerized, ensuring easy deployment and management, and it supports secure configurations through API keys. The architecture leverages Docker Compose to orchestrate various services, including the ZAP server, MCP server, and additional components like the OWASP Juice-Shop and Swagger Petstore Server for testing purposes. The server is not yet production-ready and is intended for educational purposes to demonstrate MCP capabilities with OWASP ZAP.

Features

  • MCP ZAP server: Exposes ZAP actions as MCP tools, eliminating manual CLI calls and brittle scripts.
  • OpenAPI integration: Allows importing remote OpenAPI specs into ZAP and initiating active scans.
  • Report generation: Generates HTML/JSON reports and fetches contents programmatically.
  • Dockerized: Runs ZAP and the MCP server in containers, orchestrated via docker-compose.
  • Secure: Configures API keys for both ZAP (ZAP_API_KEY) and the MCP server (MCP_API_KEY).

Related MCP Servers

View all security servers →
gateway

gateway

4.0

by centralmind

CentralMind Gateway is a tool designed to expose databases to AI agents via MCP or OpenAPI protocols, providing secure, LLM-optimized APIs.

databases
LitterBox

LitterBox

3.7

by BlackSnufkin

LitterBox is a controlled sandbox environment for security professionals to develop and test payloads, offering advanced analysis capabilities.

security
ida-pro-mcp

ida-pro-mcp

3.7

by mrexodia

Simple MCP Server to allow vibe reversing in IDA Pro.

developer_tools
mcp

mcp

3.7

by semgrep

Semgrep MCP Server is a Model Context Protocol server that uses Semgrep to scan code for security vulnerabilities.

security
enrichmcp

enrichmcp

3.7

by featureform

MCPEngine is a production-grade, HTTP-first implementation of the Model Context Protocol (MCP), providing a secure, scalable, and modern framework for exposing data, tools, and prompts to Large Language Models (LLMs) via MCP.

developer_tools
win-cli-mcp-server

win-cli-mcp-server

3.6

by SimonB97

MCP server for secure command-line interactions on Windows systems, enabling controlled access to PowerShell, CMD, Git Bash shells, and remote systems via SSH.

os_automation
code-sandbox-mcp

code-sandbox-mcp

3.6

by Automata-Labs-team

A secure sandbox environment for executing code within Docker containers. This MCP server provides AI applications with a safe and isolated environment for running code while maintaining security through containerization.

security
obsidian-mcp-tools

obsidian-mcp-tools

3.6

by jacksteamdev

MCP Tools for Obsidian enables AI applications like Claude Desktop to securely access and work with your Obsidian vault through the Model Context Protocol (MCP).

ai_chatbot
BloodHound-MCP-AI

BloodHound-MCP-AI

3.6

by MorDavid

BloodHound-MCP is a Model Context Protocol Server integration for BloodHound, enabling natural language analysis of Active Directory data.

security
apktool-mcp-server

apktool-mcp-server

3.6

by zinja-coder

apktool-mcp-server is a fully automated MCP server built on top of apktool to analyze Android APKs using LLMs like Claude, providing live reverse engineering support.

security
BloodHound-MCP

BloodHound-MCP

3.6

by stevenyu113228

BloodHound MCP is an extension of the BloodHound tool that enables LLMs to interact with and analyze Active Directory environments using natural language queries.

security
zionfhe_mcp_server_test

zionfhe_mcp_server_test

3.5

by joyecai

Zionfhe_mcp_server_test is a server implementation based on the new homomorphic encryption technology ZIONFHE, designed to provide secure computation capabilities.

security
mcp-openapi-proxy

mcp-openapi-proxy

3.5

by matthewhand

mcp-openapi-proxy is a Python package that implements a Model Context Protocol (MCP) server, designed to dynamically expose REST APIs—defined by OpenAPI specifications—as MCP tools.

developer_tools
MCP-Kali-Server

MCP-Kali-Server

3.5

by Wh0am123

Kali MCP Server is a lightweight API bridge that connects MCP Clients to the API server, allowing execution of commands on a Linux terminal.

security
mcp-server-wazuh

mcp-server-wazuh

3.5

by gbrigandi

A Rust-based server designed to bridge the gap between a Wazuh Security Information and Event Management (SIEM) system and applications requiring contextual security data, specifically tailored for the Claude Desktop Integration using the Model Context Protocol (MCP).

security
VibeShift

VibeShift

3.5

by GroundNG

VibeShift is an intelligent security agent designed to integrate seamlessly with AI coding assistants, acting as an automated security engineer to analyze code, identify vulnerabilities, and facilitate AI-driven remediation.

security
MCP_Security

MCP_Security

3.5

by fr0gger

A Model Context Protocol (MCP) server for querying the ORKL API, providing tools for fetching and analyzing threat reports, threat actors, and sources.

security
GhidraMCP

GhidraMCP

3.5

by 13bm

A Ghidra plugin that implements the Model Context Protocol (MCP) for AI-assisted binary analysis.

developer_tools
roadrecon_mcp_server

roadrecon_mcp_server

3.5

by atomicchonk

The ROADrecon MCP Server provides AI assistants like Claude with access to ROADRecon Azure AD data for security analysis.

security
Snyk

Snyk

3.5

by snyk

MCP (Model Context Protocol) is an open protocol that standardizes how applications share context with large language models.

security
binja-lattice-mcp

binja-lattice-mcp

3.5

by Invoke-RE

BinjaLattice is a secure communication protocol for Binary Ninja that enables interaction with external Model Context Protocol (MCP) servers and tools.

developer_tools
vercel-mcp-server

vercel-mcp-server

3.5

by Quegenx

A powerful Model Context Protocol (MCP) server for managing Vercel deployments with comprehensive features.

cloud_platforms
mcp_zoomeye

mcp_zoomeye

3.5

by zoomeye-ai

A Model Context Protocol (MCP) server that provides network asset information based on query conditions.

research_and_data
BurpSuite-MCP-Server

BurpSuite-MCP-Server

3.5

by X3r0K

A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.

security
NGCBot-MCP

NGCBot-MCP

3.5

by ngc660sec

NGCBot-MCP-Server is a WeChat bot based on the HOOK mechanism, supporting various features like security news push, AI responses, and more.

communication
volatility-mcp

volatility-mcp

3.5

by Gaffx

Volatility MCP integrates Volatility 3 with FastAPI and MCP for seamless memory forensics.

security
Rootly-MCP-server

Rootly-MCP-server

3.5

by Rootly-AI-Labs

An MCP server for Rootly API that integrates with MCP-compatible editors to resolve production incidents efficiently.

developer_tools