MCP Server Pentest
@9olidity
About MCP Server Pentest
No overview available yet
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"playwright": {
"command": "npx",
"args": [
"-y",
"/Users/...../dist/index.js"
],
"disabled": false,
"autoApprove": []
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is MCP Server Pentest?
MCP Server Pentest is an MCP server that automates browser-based security vulnerability detection (XSS and SQL injection) and provides comprehensive browser automation capabilities. It is intended for security testers and developers who need to scan web applications for common vulnerabilities and interact with browser pages programmatically.
How to use MCP Server Pentest?
Install dependencies with npx playwright install firefox, then run yarn install and npm run build. The installation automatically adds a configuration entry to your Claude config file, which points to the built server script. Once configured, you can invoke its tools from Claude.
Key features of MCP Server Pentest
- Automatic XSS and SQL injection vulnerability detection
- Full page and element screenshots
- Browser navigation, clicking, hovering, form filling, and selection
- Console log monitoring
- JavaScript execution in the browser context
Use cases of MCP Server Pentest
- Scanning web application URLs for reflected XSS vulnerabilities
- Testing for SQL injection vulnerabilities in URL parameters
- Automating browser interactions during security audits
- Capturing screenshots of web pages or specific elements for documentation
- Executing custom JavaScript to inspect or modify page behavior
FAQ from MCP Server Pentest
What vulnerability detection tools are available?
The server provides broser_url_reflected_xss for XSS testing and browser_url_sql_injection for SQL injection testing. Both accept a URL and a parameter name.
How do I install and configure the server?
Run npx playwright install firefox, then yarn install and npm run build. The installation automatically adds a configuration entry to your Claude MCP settings file with the server command pointing to the built dist/index.js.
What browser automation tools does it offer?
Tools include browser_navigate, browser_screenshot, browser_click, browser_click_text, browser_hover, browser_hover_text, browser_fill, browser_select, browser_select_text, and browser_evaluate for executing JavaScript.
Does it support console log monitoring?
Yes, console log monitoring is listed as a feature, though no dedicated tool is documented for it.
What are the runtime dependencies?
The server requires Node.js, Playwright (specifically Firefox), and the packages installed via yarn install and npm run build.
More Other MCP servers
MaxKB
1Panel-dev🔥 MaxKB is an open-source platform for building enterprise-grade agents. 强大易用的开源企业级智能体平台。
Inbox Zero AI MCP
elie222The world's best AI personal assistant for email. Open source app to help you reach inbox zero fast.
MCP Toolbox for Databases
googleapisMCP Toolbox for Databases is an open source MCP server for databases.
🪟 Windows-MCP
CursorTouchMCP Server for Computer Use in Windows

EverArt
modelcontextprotocolModel Context Protocol Servers
Comments