MCP Server Pentest
Automated browser penetration testing to detect XSS and SQL vulnerabilities.
MCP Server Pentest
Features
- Full browser xss, sql vulnerability automatic detection
- Screenshots of the entire page or specific elements
- Comprehensive network interaction (navigation, clicks, form filling)
- Console log monitoring
- JavaScript execution in the browser context
Installation
Installing
npx playwright install firefox
yarn install
npm run build
Configuration
The installation process will automatically add the following configuration to your Claude config file:
{
"mcpServers": {
"playwright": {
"command": "npx",
"args": [
"-y",
"/Users/...../dist/index.js"
],
"disabled": false,
"autoApprove": []
}
}
}
Components
Tools
broser_url_reflected_xss
Test whether the URL has an XSS vulnerability
{
"url": "https://test.com",
"paramName":"text"
}
browser_url_sql_injection
Test whether the URL has SQL injection vulnerabilities
{
"url": "https://test.com",
"paramName":"text"
}
browser_navigate
Navigate to any URL in the browser
{
"url": "https://stealthbrowser.cloud"
}
browser_screenshot
Capture screenshots of the entire page or specific elements
{
"name": "screenshot-name", // required
"selector": "#element-id", // optional
"fullPage": true // optional, default: false
}
browser_click
Click elements on the page using CSS selector
{
"selector": "#button-id"
}
browser_click_text
Click elements on the page by their text content
{
"text": "Click me"
}
browser_hover
Hover over elements on the page using CSS selector
{
"selector": "#menu-item"
}
browser_hover_text
Hover over elements on the page by their text content
{
"text": "Hover me"
}
browser_fill
Fill out input fields
{
"selector": "#input-field",
"value": "Hello World"
}
browser_select
Select an option in a SELECT element using CSS selector
{
"selector": "#dropdown",
"value": "option-value"
}
browser_select_text
Select an option in a SELECT element by its text content
{
"text": "Choose me",
"value": "option-value"
}
browser_evaluate
Execute JavaScript in the browser console
{
"script": "document.title"
}
関連サーバー
Alpha Vantage MCP Server
スポンサーAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
velixar-mcp-server
Persistant AI Memory
Solana Dev MCP
An MCP server for Solana development providing basic RPC methods and helpful prompts.
Steadybit
Interact with the Steadybit platform to run chaos engineering experiments.
Base MCP Server
An MCP server providing onchain tools for AI applications to interact with the Base Network and Coinbase API.
shadcn/ui MCP
Provides context about shadcn/ui components, including structure, usage, and installation for React, Svelte, and Vue.
MCP Chain of Draft (CoD) Prompt Tool
Enhances LLM reasoning by transforming prompts into Chain of Draft or Chain of Thought formats, improving quality and reducing token usage. Requires API keys for external LLM services.
Terraform MCP
A command-line tool that acts as an MCP server to interact with Terraform environments.
Model Context Protocol servers
A collection of reference server implementations for the Model Context Protocol (MCP) using Typescript and Python SDKs.
OneTool MCP
🧿 One MCP for developers - No tool tax, no context rot. 100+ tools including Brave, Gemini, Context7, Version Checker, Excel, File Ops, Database, Chrome DevTools.
A11y MCP Server
Perform accessibility audits on webpages using the axe-core engine to identify and help fix a11y issues.