 
            
            
            
            
        MCP Server Pentest
Features
- Full browser xss, sql vulnerability automatic detection
- Screenshots of the entire page or specific elements
- Comprehensive network interaction (navigation, clicks, form filling)
- Console log monitoring
- JavaScript execution in the browser context
Installation
Installing
npx playwright install firefox
yarn install 
npm run build 
Configuration
The installation process will automatically add the following configuration to your Claude config file:
{
  "mcpServers": {
    "playwright": {
      "command": "npx",
      "args": [
        "-y",
        "/Users/...../dist/index.js"
      ],
      "disabled": false,
      "autoApprove": []
    }
  }
}
Components
Tools
broser_url_reflected_xss
Test whether the URL has an XSS vulnerability
{
  "url": "https://test.com",
  "paramName":"text"
}

browser_url_sql_injection
Test whether the URL has SQL injection vulnerabilities
{
  "url": "https://test.com",
  "paramName":"text"
}

browser_navigate
Navigate to any URL in the browser
{
  "url": "https://stealthbrowser.cloud"
}
browser_screenshot
Capture screenshots of the entire page or specific elements
{
  "name": "screenshot-name",     // required
  "selector": "#element-id",     // optional
  "fullPage": true              // optional, default: false
}
browser_click
Click elements on the page using CSS selector
{
  "selector": "#button-id"
}
browser_click_text
Click elements on the page by their text content
{
  "text": "Click me"
}
browser_hover
Hover over elements on the page using CSS selector
{
  "selector": "#menu-item"
}
browser_hover_text
Hover over elements on the page by their text content
{
  "text": "Hover me"
}
browser_fill
Fill out input fields
{
  "selector": "#input-field",
  "value": "Hello World"
}
browser_select
Select an option in a SELECT element using CSS selector
{
  "selector": "#dropdown",
  "value": "option-value"
}
browser_select_text
Select an option in a SELECT element by its text content
{
  "text": "Choose me",
  "value": "option-value"
}
browser_evaluate
Execute JavaScript in the browser console
{
  "script": "document.title"
}
相关推荐
I craft unique cereal names, stories, and ridiculously cute Cereal Baby images.
I find academic articles and books for research and literature reviews.
Evaluator for marketplace product descriptions, checks for relevancy and keyword stuffing.
Confidential guide on numerology and astrology, based of GG33 Public information
Emulating Dr. Jordan B. Peterson's style in providing life advice and insights.
Advanced software engineer GPT that excels through nailing the basics.
Your go-to expert in the Rust ecosystem, specializing in precise code interpretation, up-to-date crate version checking, and in-depth source code analysis. I offer accurate, context-aware insights for all your Rust programming questions.
Converts Figma frames into front-end code for various mobile frameworks.
Discover the most comprehensive and up-to-date collection of MCP servers in the market. This repository serves as a centralized hub, offering an extensive catalog of open-source and proprietary MCP servers, complete with features, documentation links, and contributors.
The all-in-one Desktop & Docker AI application with built-in RAG, AI agents, No-code agent builder, MCP compatibility, and more.
Micropython I2C-based manipulation of the MCP series GPIO expander, derived from Adafruit_MCP230xx
Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
🧑🚀 全世界最好的LLM资料总结(Agent框架、辅助编程、数据处理、模型训练、模型推理、o1 模型、MCP、小语言模型、视觉语言模型) | Summary of the world's best LLM resources.
Mirror ofhttps://github.com/agentience/practices_mcp_server
Reviews
 
                                    user_BMJ7WLLe
As a dedicated user of MCP-Server-Pentest by 9olidity, I must say this server penetration testing tool is absolutely impressive! It offers comprehensive features and robust capabilities that make security testing seamless and efficient. I highly recommend checking out the project on GitHub: https://github.com/9olidity/MCP-Server-Pentest. Great job, 9olidity!
 
     
                                                             
                                                             
                                                             
                                                             
                                                             
                                                             
                                                             
                                                             
                                                            