MCP Server Pentest
Automated browser penetration testing to detect XSS and SQL vulnerabilities.
MCP Server Pentest
Features
- Full browser xss, sql vulnerability automatic detection
- Screenshots of the entire page or specific elements
- Comprehensive network interaction (navigation, clicks, form filling)
- Console log monitoring
- JavaScript execution in the browser context
Installation
Installing
npx playwright install firefox
yarn install
npm run build
Configuration
The installation process will automatically add the following configuration to your Claude config file:
{
"mcpServers": {
"playwright": {
"command": "npx",
"args": [
"-y",
"/Users/...../dist/index.js"
],
"disabled": false,
"autoApprove": []
}
}
}
Components
Tools
broser_url_reflected_xss
Test whether the URL has an XSS vulnerability
{
"url": "https://test.com",
"paramName":"text"
}
browser_url_sql_injection
Test whether the URL has SQL injection vulnerabilities
{
"url": "https://test.com",
"paramName":"text"
}
browser_navigate
Navigate to any URL in the browser
{
"url": "https://stealthbrowser.cloud"
}
browser_screenshot
Capture screenshots of the entire page or specific elements
{
"name": "screenshot-name", // required
"selector": "#element-id", // optional
"fullPage": true // optional, default: false
}
browser_click
Click elements on the page using CSS selector
{
"selector": "#button-id"
}
browser_click_text
Click elements on the page by their text content
{
"text": "Click me"
}
browser_hover
Hover over elements on the page using CSS selector
{
"selector": "#menu-item"
}
browser_hover_text
Hover over elements on the page by their text content
{
"text": "Hover me"
}
browser_fill
Fill out input fields
{
"selector": "#input-field",
"value": "Hello World"
}
browser_select
Select an option in a SELECT element using CSS selector
{
"selector": "#dropdown",
"value": "option-value"
}
browser_select_text
Select an option in a SELECT element by its text content
{
"text": "Choose me",
"value": "option-value"
}
browser_evaluate
Execute JavaScript in the browser console
{
"script": "document.title"
}
相关服务器
Alpha Vantage MCP Server
赞助Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
WireMCP
Empowers LLMs with real-time network traffic analysis using tshark. Requires Wireshark's tshark to be installed.
Flux ImageGen MCP Server
An MCP server for generating images using the Pollinations AI API.
NeoCoder
Enables AI assistants to use a Neo4j knowledge graph for standardized coding workflows, acting as a dynamic instruction manual and project memory.
AppDeploy
AppDeploy lets you deploy a real, full-stack web app directly from an AI chat and turn your AI conversations into live apps, without leaving the chat or touching infrastructure.
Android Tester MCP
Automate Android devices using the Gbox SDK.
MCP Android Agent
Automate Android devices using the uiautomator2 library, requiring adb and a connected device.
Remote MCP Server (Authless)
An authentication-free, remote MCP server designed for deployment on Cloudflare Workers or local setup via npm.
MCP Bridge
A proxy server that enables existing REST APIs to be used as Model Context Protocol (MCP) servers.
MCP Jenkins
Enables secure, contextual AI interactions with Jenkins tools via the Model Context Protocol.
Gemini Image Generator
Generate high-quality images from text prompts using Google's Gemini model.