9olidity_mcp_server_pentest

by 9olidity
A tool for automated detection of XSS and SQL injection vulnerabilities in web applications using browser interaction.

Automated Web Vulnerability Testing with MCP Server

Overview

The MCP Server Pentest project is a tool for automated web vulnerability testing. It uses the Playwright framework to detect XSS and SQL injection vulnerabilities, capture screenshots, and interact with web pages programmatically.

Features

  • Full browser XSS and SQL injection vulnerability detection
  • Screenshots of entire pages or specific elements
  • Comprehensive network interaction (navigation, clicks, form filling)
  • Console log monitoring
  • JavaScript execution in the browser context

Installation

Installing

npx playwright install firefox
yarn install
npm run build

Configuration

The installation process automatically adds the following configuration to your Claude config file:

{
  "mcpServers": {
    "playwright": {
      "command": "npx",
      "args": [
        "-y",
        "/Users/...../dist/index.js"
      ],
      "disabled": false,
      "autoApprove": []
    }
  }
}

Components

Tools

broser_url_reflected_xss

Test whether the URL has an XSS vulnerability.

{
  "url": "https://test.com",
  "paramName":"text"
}

XSS Example

browser_url_sql_injection

Test whether the URL has SQL injection vulnerabilities.

{
  "url": "https://test.com",
  "paramName":"text"
}

SQL Injection Example

browser_navigate

Navigate to any URL in the browser.

{
  "url": "https://stealthbrowser.cloud"
}

browser_screenshot

Capture screenshots of the entire page or specific elements.

{
  "name": "screenshot-name",     // required
  "selector": "#element-id",     // optional
  "fullPage": true              // optional, default: false
}

browser_click

Click elements on the page using CSS selector.

{
  "selector": "#button-id"
}

browser_click_text

Click elements on the page by their text content.

{
  "text": "Click me"
}

browser_hover

Hover over elements on the page using CSS selector.

{
  "selector": "#menu-item"
}

browser_hover_text

Hover over elements on the page by their text content.

{
  "text": "Hover me"
}

browser_fill

Fill out input fields.

{
  "selector": "#input-field",
  "value": "Hello World"
}

browser_select

Select an option in a SELECT element using CSS selector.

{
  "selector": "#dropdown",
  "value": "option-value"
}

browser_select_text

Select an option in a SELECT element by its text content.

{
  "text": "Choose me",
  "value": "option-value"
}

browser_evaluate

Execute JavaScript in the browser console.

{
  "script": "document.title"
}
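
A pre-flight guard for the tools listed above, added here as an example and not part of the 9olidity project: it flags active tools placed in `autoApprove` and refuses `url` targets outside an authorized scope. It assumes `autoApprove` lists tool names the client runs without prompting; `auditConfig`, `checkToolCall` and the scope list are hypothetical names.

```javascript
// Added example (not project code). Tool names and argument shapes come from
// the README above; function names and the scope list are constructed.

// Tools that send test input to a target or run script in the page.
const ACTIVE_TOOLS = new Set([
  "broser_url_reflected_xss", // spelled as in the README
  "browser_url_sql_injection",
  "browser_evaluate",
  "browser_fill",
]);

// Tools whose "url" argument names a target host.
const URL_TOOLS = new Set(["broser_url_reflected_xss", "browser_url_sql_injection", "browser_navigate"]);

// Assumption: autoApprove lists tool names the client runs without prompting.
function auditConfig(config) {
  const findings = [];
  for (const [name, server] of Object.entries(config.mcpServers || {})) {
    if (server.disabled) continue;
    for (const tool of server.autoApprove || []) {
      if (ACTIVE_TOOLS.has(tool)) findings.push(`${name}: ${tool} is auto-approved`);
    }
  }
  return findings;
}

// Returns null when the call is allowed, otherwise the reason it is refused.
// Only tools that take a "url" argument are scope-checked here.
function checkToolCall(tool, args, scopeHosts) {
  if (!URL_TOOLS.has(tool)) return null;
  let target;
  try {
    target = new URL(args.url);
  } catch {
    return "url is not a valid absolute URL";
  }
  if (target.protocol !== "http:" && target.protocol !== "https:") {
    return `scheme ${target.protocol} is not allowed`;
  }
  // Exact host match: "test.com.example.net" must not pass for "test.com".
  if (!scopeHosts.includes(target.hostname)) {
    return `host ${target.hostname} is outside the authorized scope`;
  }
  if ("paramName" in args && !/^[A-Za-z0-9_.\[\]-]{1,64}$/.test(args.paramName)) {
    return "paramName contains unexpected characters";
  }
  return null;
}
```

Run `auditConfig` over the parsed config file and call `checkToolCall` with the engagement's host list before a request is forwarded to the server.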

License

MIT license