MCP Server Pentest
Automated browser penetration testing to detect XSS and SQL vulnerabilities.
MCP Server Pentest
Features
- Full browser xss, sql vulnerability automatic detection
- Screenshots of the entire page or specific elements
- Comprehensive network interaction (navigation, clicks, form filling)
- Console log monitoring
- JavaScript execution in the browser context
Installation
Installing
npx playwright install firefox
yarn install
npm run build
Configuration
The installation process will automatically add the following configuration to your Claude config file:
{
"mcpServers": {
"playwright": {
"command": "npx",
"args": [
"-y",
"/Users/...../dist/index.js"
],
"disabled": false,
"autoApprove": []
}
}
}
Components
Tools
broser_url_reflected_xss
Test whether the URL has an XSS vulnerability
{
"url": "https://test.com",
"paramName":"text"
}
browser_url_sql_injection
Test whether the URL has SQL injection vulnerabilities
{
"url": "https://test.com",
"paramName":"text"
}
browser_navigate
Navigate to any URL in the browser
{
"url": "https://stealthbrowser.cloud"
}
browser_screenshot
Capture screenshots of the entire page or specific elements
{
"name": "screenshot-name", // required
"selector": "#element-id", // optional
"fullPage": true // optional, default: false
}
browser_click
Click elements on the page using CSS selector
{
"selector": "#button-id"
}
browser_click_text
Click elements on the page by their text content
{
"text": "Click me"
}
browser_hover
Hover over elements on the page using CSS selector
{
"selector": "#menu-item"
}
browser_hover_text
Hover over elements on the page by their text content
{
"text": "Hover me"
}
browser_fill
Fill out input fields
{
"selector": "#input-field",
"value": "Hello World"
}
browser_select
Select an option in a SELECT element using CSS selector
{
"selector": "#dropdown",
"value": "option-value"
}
browser_select_text
Select an option in a SELECT element by its text content
{
"text": "Choose me",
"value": "option-value"
}
browser_evaluate
Execute JavaScript in the browser console
{
"script": "document.title"
}
Serveurs connexes
Scout Monitoring MCP
sponsorPut performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
sponsorAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
MCP Low-Level Server Streamable HTTP
A low-level MCP server implementation with streamable HTTP support, configured via environment variables.
Srclight
Deep code indexing for AI agents — 25 MCP tools: hybrid FTS5 + embedding search, call graphs, git blame/hotspots, build system analysis. Multi-repo workspaces, GPU-accelerated semantic search, 10 languages. Fully local, zero cloud dependencies.
Nereid - Mermaid charts
Create and explore Mermaid diagrams in collaboration with AI agents
mcp-openapi
Turn any OpenAPI/Swagger spec into Claude tools. Zero config, zero code.
Moralis Web3 API
Interact with the Moralis Web3 API to access blockchain data across multiple networks through a structured interface.
EdgeOne Pages MCP
An MCP server and client implementation for EdgeOne Pages Functions, supporting OpenAI-formatted requests.
MCPfinder
A Node.js server for AI agents to discover, install, and manage new capabilities on demand via the MCP protocol.
Release Notes Server
Generates release notes from GitHub repositories by fetching and organizing commits.
Godot MCP Pro
Premium MCP server for Godot game engine with 84 AI-powered tools for scene editing, scripting, animation, tilemap, shader, input simulation, and runtime debugging.
Azure MCP Server
All Azure MCP tools in a single server. The Azure MCP Server implements the MCP specification to create a seamless connection between AI agents and Azure services. Azure MCP Server can be used alone or with the GitHub Copilot for Azure extension in VS Code.