OWASP ZAP MCP Server

Betasecurity
45 starsPythoncommunity
GitHub
About

Overview

The OWASP ZAP MCP Server enables AI agents to perform dynamic security testing using OWASP ZAP. It provides tools for spidering web applications, running active scans, viewing alerts, and generating security reports.
Capabilities

Tools & Capabilities

spider

Spider a target URL to discover pages

active_scan

Run an active security scan

get_alerts

Get security alerts found

generate_report

Generate a security report

Setup

Installation

bash
Install
pip install mcp-server-zap
Examples

Example Usage

javascript
Usage
{
  "mcpServers": {
    "zap": {
      "command": "python",
      "args": ["-m", "mcp_server_zap"],
      "env": { "ZAP_URL": "http://localhost:8080", "ZAP_API_KEY": "your-key" }
    }
  }
}

Quick Info

Authorcommunity
LanguagePython
StatusBeta
Stars 45
Last UpdatedFeb 12, 2026

Need a Custom MCP Server?

Our team builds custom MCP servers tailored to your workflow.

Get in Touch

Need a Custom MCP Server?

Our team builds custom MCP servers tailored to your workflow. From proprietary data sources to internal tools, we have you covered.

Contact Us
CortexAgent Customer Service

Want to skip the form?

Our team is available to help you get started with CortexAgent.

This chat may be recorded for quality assurance. You can view our Privacy Policy.