Tag: Api

Scanning MCP Servers with ZAP

Posted 650 Words
ZAP can now scan MCP (Model Context Protocol) servers as a first-class target. Import an MCP server from the ZAP desktop or the Automation Framework, or run the new action-mcp-scan GitHub Action to scan one from CI.

The ZAP MCP Server

Posted 1082 Words
Connect AI assistants like Claude and ChatGPT to ZAP via the Model Context Protocol. Start scans, read alerts, and explore your application—all through natural conversation.

Scanning APIs with ZAP

Posted 1100 Words

The previous ZAP blog post explained how you could Explore APIs with ZAP.
This blog post goes one step further, and explains how you can both explore and perform security scanning of APIs using ZAP from the command line.
This allows you to easily automate the scanning of your APIs.

Exploring APIs with ZAP

Posted 486 Words

APIs can be challenging for security testing for a variety of reasons.
The first problem you will encounter is how to effectively explore an API: most APIs cannot be explored using browsing or standard spidering techniques.
However, many APIs are described using technologies such as:

These standards define the API endpoints and can be imported into ZAP using 2 optional add-ons.