Skip to main content
Glama
enesjakozh

MCP Server Pentest

by 9olidity
npmGitHub
JavaScript
MIT License
633
20
OverviewInspectNewEndpointsSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

特征

  • 全浏览器xss、sql漏洞自动检测

  • 整个页面或特定元素的屏幕截图

  • 全面的网络交互(导航、点击、表单填写)

  • 控制台日志监控

  • 浏览器上下文中的 JavaScript 执行

安装

安装

npx playwright install firefox yarn install npm run build

配置

安装过程将自动将以下配置添加到您的 Claude 配置文件中:

{ "mcpServers": { "playwright": { "command": "npx", "args": [ "-y", "/Users/...../dist/index.js" ], "disabled": false, "autoApprove": [] } } }

成分

工具

broser_url_reflected_xss

测试URL是否存在XSS漏洞

{ "url": "https://test.com", "paramName":"text" }

browser_url_sql_injection

测试URL是否存在SQL注入漏洞

{ "url": "https://test.com", "paramName":"text" }

browser_navigate

导航到浏览器中的任意 URL

{ "url": "https://stealthbrowser.cloud" }

browser_screenshot

捕获整个页面或特定元素的屏幕截图

{ "name": "screenshot-name", // required "selector": "#element-id", // optional "fullPage": true // optional, default: false }

browser_click

使用 CSS 选择器单击页面上的元素

{ "selector": "#button-id" }

browser_click_text

根据文本内容点击页面上的元素

{ "text": "Click me" }

browser_hover

使用 CSS 选择器将鼠标悬停在页面上的元素上

{ "selector": "#menu-item" }

browser_hover_text

根据文本内容将鼠标悬停在页面上的元素上

{ "text": "Hover me" }

browser_fill

填写输入字段

{ "selector": "#input-field", "value": "Hello World" }

browser_select

使用 CSS 选择器在 SELECT 元素中选择一个选项

{ "selector": "#dropdown", "value": "option-value" }

browser_select_text

根据文本内容选择 SELECT 元素中的选项

{ "text": "Choose me", "value": "option-value" }

browser_evaluate

在浏览器控制台中执行 JavaScript

{ "script": "document.title" }
Deploy Server
A
security – no known vulnerabilities
A
license - permissive license
A
quality - confirmed to work

How are these scores calculated?

local-only server

The server can only run on the client's local machine because it depends on local resources.

Tools

View all tools

一种安全测试工具,可实现自动漏洞检测(包括 XSS 和 SQL 注入),以及用于 Web 应用程序渗透测试的全面浏览器交互功能。

  1. 安装
    1. 安装
  2. 配置
    1. 成分
      1. 工具

    Related Resources

    Related MCP Servers

    • MCP Vulnerability Management System

      nesirat
      -
      security
      A
      license
      -
      quality
      A comprehensive system that helps organizations track, manage, and respond to security vulnerabilities effectively through features like vulnerability tracking, user management, support tickets, API key management, and SSL certificate management.
      Last updated -
      MIT License

    • Adversary MCP Server

      brettbergin
      A
      security
      A
      license
      A
      quality
      A security-focused server that integrates with Cursor IDE to provide real-time vulnerability detection, exploit generation, and security insights during software development.
      Last updated -
      9
      1
      MIT License

    • Security Scanner MCP Server

      Rupeebw
      -
      security
      A
      license
      -
      quality
      Enables comprehensive security scanning of code repositories to detect secrets, vulnerabilities, dependency issues, and configuration problems. Provides real-time security checks and best practice recommendations to help developers identify and prevent security issues.
      Last updated -
      6
      2
      MIT License
      • Apple

    • Xray MCP Server

      zhangning77-tech
      -
      security
      F
      license
      -
      quality
      Enables vulnerability scanning of web applications using the xray security scanner. Provides URL scanning capabilities with configurable crawlers, plugins, and POCs to detect security vulnerabilities through natural language interactions.
      Last updated -

    View all related MCP servers

    Appeared in Searches

    New MCP Servers

    MCP directory API

    We provide all the information about MCP servers via our MCP API.

    curl -X GET 'https://glama.ai/api/mcp/v1/servers/9olidity/MCP-Server-Pentest'

    If you have feedback or need assistance with the MCP directory API, please join our Discord server