AgentIndex icon
AgentIndex
ToolsCategoriesTrendingNewCompare
Submit Tool
Home/
Workflow Automation/
mcp-zap-server
mcp-zap-server logo

mcp-zap-server

Active·★ 55·MIT·Updated 2026-05-29
★ Trending★ Workflow Automation★ API Integration

A Spring Boot application exposing OWASP ZAP as an MCP (Model Context Protocol) server. It lets any MCP‑compatible AI agent (e.g., Claude Desktop, Cursor) orchestrate ZAP actions—spider, active scan, import OpenAPI specs, and generate reports.

A Spring Boot application that exposes OWASP ZAP as a Model Context Protocol (MCP) server, allowing MCP-compatible AI agents to orchestrate ZAP actions such as spider scanning, active scanning, and report generation. It offers guided and expert tool surfaces, a scan queue with high-availability support, and various security features.

#java#llm#mcp#mcp-server#mcp-servers#owasp#spring-ai#spring-boot
$ Install
$ git clone https://github.com/dtkmn/mcp-zap-server.git && cd mcp-zap-server && cp .env.example .env && mkdir -p $(grep LOCAL_ZAP_WORKPLACE_FOLDER .env | cut -d '=' -f2)/zap-wrk && docker compose -f docker-compose.yml -f docker-compose.dev.yml up -d --build
↗ Visit site★ GitHub
01

Features

01MCP ZAP server: Exposes ZAP actions as MCP tools
02Guided and expert tool surfaces
03OpenAPI integration for importing API specs and scanning
04Findings and report workflows with diff support
05Scan queue v1 with job lifecycle, retries, and dead-letter handling
02

Compatibility

Docker Compose
Docker Compose
Verified via docs
Kubernetes
Kubernetes (Helm)
Verified via docs
Open WebUI
Open WebUI
Verified via docs
Claude Desktop
Claude Desktop
Verified via docs
03

Quick start

1
$ git clone https://github.com/dtkmn/mcp-zap-server.git
2
$ cd mcp-zap-server
3
$ cp .env.example .env
4
$ mkdir -p $(grep LOCAL_ZAP_WORKPLACE_FOLDER .env | cut -d '=' -f2)/zap-wrk
5
$ docker compose -f docker-compose.yml -f docker-compose.dev.yml up -d --build
04

Use cases

↳Automated security scanning orchestrated by AI agents
↳Continuous integration security testing with CI/CD pipelines
↳Automated vulnerability assessment for web applications and APIs
05

Alternatives

Gemini CLI logo
Gemini CLI★ 104.7k
An open-source AI agent that brings the power of Gemini directly into your terminal. Supports native MCP.
vs →
dagster logo
dagster★ 15.6k
An orchestration platform for the development, production, and observation of data assets.
vs →
fastmcp logo
fastmcp★ 25.4k
🚀 The fast, Pythonic way to build MCP servers and clients.
vs →
FunASR logo
FunASR★ 16.6k
Industrial-grade speech recognition toolkit: 170x realtime, 50+ languages, speaker diarization, emotion detection, streaming, and OpenAI-compatible API.
vs →
semble logo
semble★ 4.5k
Fast and Accurate Code Search for Agents
vs →
csharp-sdk logo
csharp-sdk★ 4.3k
The official C# SDK for Model Context Protocol servers and clients. Maintained in collaboration with Microsoft.
vs →
fast-agent logo
fast-agent★ 3.8k
Code, Build and Evaluate agents - excellent Model and Skills/MCP/ACP Support
vs →
initrunner logo
initrunner★ 38
Define AI agent roles in YAML and run them anywhere: CLI, API server, or autonomous daemon
vs →
See all alternatives →

Related searches

mcp-zap-server AlternativesBest Workflow Automation Tools 2026Open Source Workflow Automationmcp-zap-server Tutorialmcp-zap-server Vs Competitorsjavallmmcp

Comments

Log in to leave a comment
  • A
    Avery ThompsonMay 19, 2026

    Setup was straightforward, flexible config and running in minutes — it lets any mcp‑compatible ai agent (e. No complaints after 6 months of use.

  • C
    Corey HarrisApr 19, 2026

    The spring coverage is surprisingly complete. Runs fine on Docker.

  • R
    Reese BrownApr 19, 2026

    The application integration saves writing a lot of boilerplate. No complaints after 2 months of use.

  • J
    Justice KimApr 8, 2026

    Spring via MCP is exactly the right abstraction — , claude desktop, cursor) orchestrate zap actions. Integrates well with existing spring setups.

  • F
    Finley HarrisMar 15, 2026

    Dropped this into lightweight pipeline and it just worked — , claude desktop, cursor) orchestrate zap actions. Would recommend for lightweight use cases.

On this page
01Features02Compatibility03Quick start04Use cases05Alternatives
Stats
GitHub Stars★ 55
Last commit1d ago
StatusActive
LicenseMIT
CategoryWorkflow Automation
Trend (30d)
+2.2↑ 0.7%
Links
Documentation↗Discussion↗Issues↗Releases↗

Deploy on DigitalOcean — Get $200 Free Credit

Ad
© 2026 AgentIndex.app|Built by a 10-year iOS Developer.
QYSGitHubBuy me a coffee ☕

Browse by Category

Code AssistantWorkflow AutomationRAG / Knowledge BaseMulti-AgentBrowser AutomationLLM InfraDev ToolingObservability

Not affiliated with Anthropic, OpenAI or Microsoft.