Best OWASP MCP Servers

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software through community-led open source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences.

View all OWASP MCP Servers

Why this server?
Conducts security audits and vulnerability scanning with OWASP compliance checking
Houtini-lm
Code Analysis Developer Tools Autonomous Agents
houtini-ai
A
security
A
license
A
quality
Houtini LM - LM Studio MCP Server with Expert Prompt Library and Custom Prompting - Offload tasks to LM Studio from Claude Desktop.
Last updated 3 days ago
34
145
13
MIT
Why this server?
Provides structured access to the OWASP Bug Logging Tool (BLT) ecosystem, allowing AI agents to submit issues, triage vulnerabilities, manage security workflows, and track contributor rankings and rewards.
BLT-MCP
Security Testing & QA Tools Penetration Testing
OWASP-BLT
A
security
A
license
A
quality
Provides AI agents with structured access to the OWASP Bug Logging Tool (BLT) ecosystem for logging bugs, triaging issues, and managing security workflows. It enables actions like submitting vulnerabilities, tracking contributor leaderboards, and awarding gamified bacon points through a unified interface.
Last updated 7 days ago
4
7
AGPL 3.0
Why this server?
Facilitates security auditing based on OWASP standards, utilizing tools like OWASP ZAP for dynamic scanning and Top 10 coverage.
DevSecOps MCP Server
Testing & QA Tools Security Developer Tools
JesusDavidQuarksoft
A
security
A
license
A
quality
An MCP server that integrates SAST, DAST, and SCA security tools to enable AI-driven vulnerability scanning and automated security reporting. It allows AI assistants to execute and analyze results from tools like Semgrep, OWASP ZAP, and Trivy within a DevSecOps workflow.
Last updated a month ago
6
MIT
Why this server?
Provides comprehensive access to OWASP security documentation, including detailed information on the OWASP Top 10 vulnerabilities and security cheat sheets.
Security Context MCP Server
Documentation Access Search Security
abreed05
A
security
A
license
A
quality
Provides instant access to authoritative security documentation from organizations like OWASP, NIST, and major cloud providers through natural language semantic search. It enables users to retrieve security best practices, frameworks, and vulnerability information directly from a locally cached knowledge base.
Last updated 2 months ago
4
1
MIT
Why this server?
Supports implementation of protection against OWASP top 10 vulnerabilities through rule creation and configuration.
Fastly NGWAF MCP Server
Security Autonomous Agents Remote
purpleax
A
security
A
license
A
quality
Provides seamless integration with Fastly's Next-Gen Web Application Firewall API, enabling AI assistants to manage web application security through natural language interactions.
Last updated 9 months ago
29
1
MIT
Why this server?
Enriches security audit findings with OWASP security categories and standardized vulnerability references.
VibeCheck MCP Server
Security Code Analysis Testing & QA Tools
philiphess1
A
security
A
license
A
quality
An AI-powered security audit tool that analyzes codebases for vulnerabilities using real-time data from MITRE CWE and npm audit. It enables deep analysis of authentication, API security, and dependencies to provide structured findings and remediation steps.
Last updated 2 months ago
2
0
1
MIT
Why this server?
Integrates OWASP security guidelines and references for vulnerability classifications and remediation advice, mapping detected issues to OWASP Top 10 categories.
Adversary MCP Server
Penetration Testing Code Analysis Developer Tools
brettbergin
A
security
A
license
A
quality
A security-focused server that integrates with Cursor IDE to provide real-time vulnerability detection, exploit generation, and security insights during software development.
Last updated 7 months ago
7
1
MIT
Why this server?
Implements OWASP-aligned security checks for authentication systems, allowing validation against industry-standard security practices
Better Auth MCP Server
Security App Automation
LexiconAlex
A
security
A
license
A
quality
Enterprise-grade authentication solution that provides secure credential management with encryption, multi-protocol authentication (OAuth2, SAML, LDAP), and real-time threat detection for applications.
Last updated a year ago
8
1
AGPL 3.0
Why this server?
Implements OWASP security standards and best practices
Open Search MCP
flyanima
A
security
A
license
A
quality
A comprehensive Model Context Protocol server providing 33 specialized research and search tools for Claude Desktop, enabling powerful search capabilities across academic, technical, and general domains.
Last updated 8 months ago
40
3
MIT