MCP Server Pentest
Automated browser penetration testing to detect XSS and SQL vulnerabilities.
MCP Server Pentest
Features
- Full browser xss, sql vulnerability automatic detection
- Screenshots of the entire page or specific elements
- Comprehensive network interaction (navigation, clicks, form filling)
- Console log monitoring
- JavaScript execution in the browser context
Installation
Installing
npx playwright install firefox
yarn install
npm run build
Configuration
The installation process will automatically add the following configuration to your Claude config file:
{
"mcpServers": {
"playwright": {
"command": "npx",
"args": [
"-y",
"/Users/...../dist/index.js"
],
"disabled": false,
"autoApprove": []
}
}
}
Components
Tools
broser_url_reflected_xss
Test whether the URL has an XSS vulnerability
{
"url": "https://test.com",
"paramName":"text"
}
browser_url_sql_injection
Test whether the URL has SQL injection vulnerabilities
{
"url": "https://test.com",
"paramName":"text"
}
browser_navigate
Navigate to any URL in the browser
{
"url": "https://stealthbrowser.cloud"
}
browser_screenshot
Capture screenshots of the entire page or specific elements
{
"name": "screenshot-name", // required
"selector": "#element-id", // optional
"fullPage": true // optional, default: false
}
browser_click
Click elements on the page using CSS selector
{
"selector": "#button-id"
}
browser_click_text
Click elements on the page by their text content
{
"text": "Click me"
}
browser_hover
Hover over elements on the page using CSS selector
{
"selector": "#menu-item"
}
browser_hover_text
Hover over elements on the page by their text content
{
"text": "Hover me"
}
browser_fill
Fill out input fields
{
"selector": "#input-field",
"value": "Hello World"
}
browser_select
Select an option in a SELECT element using CSS selector
{
"selector": "#dropdown",
"value": "option-value"
}
browser_select_text
Select an option in a SELECT element by its text content
{
"text": "Choose me",
"value": "option-value"
}
browser_evaluate
Execute JavaScript in the browser console
{
"script": "document.title"
}
관련 서버
Alpha Vantage MCP Server
스폰서Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Python Weather Server
A FastAPI-based server that provides weather information from the National Weather Service API, secured with OAuth 2.1.
Damn Vulnerable MCP Server
A server designed to be intentionally vulnerable for security testing and educational purposes.
Cloudflare MCP Server
An example MCP server designed for easy deployment on Cloudflare Workers, operating without authentication.
markmap-http-mcp
An MCP server for converting Markdown to interactive mind maps with export support (PNG/JPG/SVG). Server runs as HTTP service.
ShellAgent
An MCP server for executing shell commands, requiring Node.js 18 or newer.
Arcjet
Arcjet is the runtime security platform that ships with your AI code.
mcp-rubber-duck
Query multiple LLMs in parallel from AI coding tools — rubber duck debugging, but the ducks talk back.
Debugger MCP Server
A development tool for real-time debugging, code quality monitoring, and AI insights for React/Next.js applications.
Shadcn UI MCP Server
A powerful and flexible MCP server designed to enhance the development experience with Shadcn UI components, providing tools for component management, documentation, and installation.
Plith
AI agent infrastructure suite — task deduplication, cost prediction, output validation, behavioral governance, shared failure intelligence. 5 products, 14 MCP tools, 1 API key.