Skip to main content
Glama
Sign In
enesjakozh

MCP Server Pentest

by 9olidity
npmGitHub
JavaScript
MIT License
327
5
OverviewInspectNewSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

特征

  • 全浏览器xss、sql漏洞自动检测
  • 整个页面或特定元素的屏幕截图
  • 全面的网络交互(导航、点击、表单填写)
  • 控制台日志监控
  • 浏览器上下文中的 JavaScript 执行

安装

安装

npx playwright install firefox yarn install npm run build

配置

安装过程将自动将以下配置添加到您的 Claude 配置文件中:

{ "mcpServers": { "playwright": { "command": "npx", "args": [ "-y", "/Users/...../dist/index.js" ], "disabled": false, "autoApprove": [] } } }

成分

工具

broser_url_reflected_xss

测试URL是否存在XSS漏洞

{ "url": "https://test.com", "paramName":"text" }

browser_url_sql_injection

测试URL是否存在SQL注入漏洞

{ "url": "https://test.com", "paramName":"text" }

browser_navigate

导航到浏览器中的任意 URL

{ "url": "https://stealthbrowser.cloud" }
browser_screenshot

捕获整个页面或特定元素的屏幕截图

{ "name": "screenshot-name", // required "selector": "#element-id", // optional "fullPage": true // optional, default: false }
browser_click

使用 CSS 选择器单击页面上的元素

{ "selector": "#button-id" }
browser_click_text

根据文本内容点击页面上的元素

{ "text": "Click me" }
browser_hover

使用 CSS 选择器将鼠标悬停在页面上的元素上

{ "selector": "#menu-item" }
browser_hover_text

根据文本内容将鼠标悬停在页面上的元素上

{ "text": "Hover me" }
browser_fill

填写输入字段

{ "selector": "#input-field", "value": "Hello World" }
browser_select

使用 CSS 选择器在 SELECT 元素中选择一个选项

{ "selector": "#dropdown", "value": "option-value" }
browser_select_text

根据文本内容选择 SELECT 元素中的选项

{ "text": "Choose me", "value": "option-value" }
browser_evaluate

在浏览器控制台中执行 JavaScript

{ "script": "document.title" }

You must be authenticated.

A
security – no known vulnerabilities
A
license - permissive license
A
quality - confirmed to work

local-only server

The server can only run on the client's local machine because it depends on local resources.

Tools

View all tools

一种安全测试工具,可实现自动漏洞检测(包括 XSS 和 SQL 注入),以及用于 Web 应用程序渗透测试的全面浏览器交互功能。

  1. 安装
    1. 安装
  2. 配置
    1. 成分
      1. 工具

    Related Resources

    Related MCP Servers

    • MCP Web Browser Server

      random-robbie
      A
      security
      A
      license
      A
      quality
      An advanced web browsing server enabling headless browser interactions via a secure API, providing features like navigation, content extraction, element interaction, and screenshot capture.
      Last updated -
      6
      9
      Python
      MIT License

    • Chrome Debug MCP Server

      robertheadley
      A
      security
      F
      license
      A
      quality
      Controls Chrome browser with debugging capabilities, allowing page automation, extension management, and userscript injection through the Model Context Protocol.
      Last updated -
      13
      13
      JavaScript
      • Linux
      • Apple

    • Mythic MCP

      xpn
      -
      security
      F
      license
      -
      quality
      A demonstration server that allows large language models to perform penetration testing tasks autonomously by interfacing with the Mythic C2 framework.
      Last updated -
      11
      Python
      • Apple

    • BrowserTools MCP

      oenius
      -
      security
      A
      license
      -
      quality
      A browser monitoring and interaction tool that enables AI applications to capture and analyze browser data through a Chrome extension, supporting functions like console monitoring, screenshots, DOM analysis, and website auditing.
      Last updated -
      1
      JavaScript
      MIT License

    View all related MCP servers

    Appeared in Searches

    New MCP Servers

    MCP directory API

    We provide all the information about MCP servers via our MCP API.

    curl -X GET 'https://glama.ai/api/mcp/v1/servers/9olidity/MCP-Server-Pentest'

    If you have feedback or need assistance with the MCP directory API, please join our Discord server