Skip to main content
Glama
enesjakozh

MCP Server Pentest

by 9olidity
npmGitHub
JavaScript
MIT License
1,556
17
OverviewInspectNewSchemaRelated ServersReviewsScore
Need Help?View Source CodeReport Issue

特征

  • 全浏览器xss、sql漏洞自动检测
  • 整个页面或特定元素的屏幕截图
  • 全面的网络交互(导航、点击、表单填写)
  • 控制台日志监控
  • 浏览器上下文中的 JavaScript 执行

安装

安装

npx playwright install firefox yarn install npm run build

配置

安装过程将自动将以下配置添加到您的 Claude 配置文件中:

{ "mcpServers": { "playwright": { "command": "npx", "args": [ "-y", "/Users/...../dist/index.js" ], "disabled": false, "autoApprove": [] } } }

成分

工具

broser_url_reflected_xss

测试URL是否存在XSS漏洞

{ "url": "https://test.com", "paramName":"text" }

browser_url_sql_injection

测试URL是否存在SQL注入漏洞

{ "url": "https://test.com", "paramName":"text" }

browser_navigate

导航到浏览器中的任意 URL

{ "url": "https://stealthbrowser.cloud" }
browser_screenshot

捕获整个页面或特定元素的屏幕截图

{ "name": "screenshot-name", // required "selector": "#element-id", // optional "fullPage": true // optional, default: false }
browser_click

使用 CSS 选择器单击页面上的元素

{ "selector": "#button-id" }
browser_click_text

根据文本内容点击页面上的元素

{ "text": "Click me" }
browser_hover

使用 CSS 选择器将鼠标悬停在页面上的元素上

{ "selector": "#menu-item" }
browser_hover_text

根据文本内容将鼠标悬停在页面上的元素上

{ "text": "Hover me" }
browser_fill

填写输入字段

{ "selector": "#input-field", "value": "Hello World" }
browser_select

使用 CSS 选择器在 SELECT 元素中选择一个选项

{ "selector": "#dropdown", "value": "option-value" }
browser_select_text

根据文本内容选择 SELECT 元素中的选项

{ "text": "Choose me", "value": "option-value" }
browser_evaluate

在浏览器控制台中执行 JavaScript

{ "script": "document.title" }
Install Server
A
security – no known vulnerabilities
A
license - permissive license
A
quality - confirmed to work

How are these scores calculated?

local-only server

The server can only run on the client's local machine because it depends on local resources.

Tools

View all tools

一种安全测试工具,可实现自动漏洞检测(包括 XSS 和 SQL 注入),以及用于 Web 应用程序渗透测试的全面浏览器交互功能。

  1. 安装
    1. 安装
  2. 配置
    1. 成分
      1. 工具

    Related Resources

    Related MCP Servers

    • BrowserTools MCP

      oenius
      A
      security
      A
      license
      A
      quality
      A browser monitoring and interaction tool that enables AI applications to capture and analyze browser data through a Chrome extension, supporting functions like console monitoring, screenshots, DOM analysis, and website auditing.
      Last updated -
      14
      93
      1
      JavaScript
      MIT License

    • MCP Frontend Testing Server

      StudentOfJS
      A
      security
      A
      license
      A
      quality
      Provides tools for frontend testing including code analysis, test generation, test execution, and React component testing for Jest and Cypress frameworks.
      Last updated -
      4
      17
      TypeScript
      MIT License

    • Kali Linux MCP Server

      sfz009900
      A
      security
      F
      license
      A
      quality
      A tool that allows penetration testing through Kali Linux commands executed via a Multi-Conversation Protocol server, supporting security testing operations like SQL injection and command execution.
      Last updated -
      5
      39
      TypeScript

    • MCP Vulnerability Management System

      nesirat
      -
      security
      A
      license
      -
      quality
      A comprehensive system that helps organizations track, manage, and respond to security vulnerabilities effectively through features like vulnerability tracking, user management, support tickets, API key management, and SSL certificate management.
      Last updated -
      Python
      MIT License

    View all related MCP servers

    Appeared in Searches

    New MCP Servers

    MCP directory API

    We provide all the information about MCP servers via our MCP API.

    curl -X GET 'https://glama.ai/api/mcp/v1/servers/9olidity/MCP-Server-Pentest'

    If you have feedback or need assistance with the MCP directory API, please join our Discord server