MCP Server Pentest is a browser automation tool that enables AI assistants to perform security testing for web applications, specifically focusing on XSS and SQL injection vulnerability detection. Built on Playwright and Firefox, it provides tools for automatically testing URL parameters against common attack vectors, capturing screenshots of vulnerable pages, and manipulating web elements through various interaction methods. The server includes comprehensive error handling with fallback mechanisms for strict mode violations, making it particularly valuable for security professionals who need to conduct preliminary vulnerability assessments without leaving their AI assistant interface.
No reviews yet. Be the first to review!
Sign in to join the conversation
Test whether the URL has an XSS vulnerability. Parameters: url (string), paramName (string)
Test whether the URL has SQL injection vulnerabilities. Parameters: url (string), paramName (string)
Navigate to any URL in the browser. Parameters: url (string)
Capture screenshots of the entire page or specific elements. Parameters: name (string, required), selector (optional string), fullPage (optional boolean, default: false)
Click elements on the page using CSS selector. Parameters: selector (string)
Click elements on the page by their text content. Parameters: text (string)
Hover over elements on the page using CSS selector. Parameters: selector (string)
Hover over elements on the page by their text content. Parameters: text (string)
Fill out input fields. Parameters: selector (string), value (string)
Select an option in a SELECT element using CSS selector. Parameters: selector (string), value (string)
Select an option in a SELECT element by its text content. Parameters: text (string), value (string)
Execute JavaScript in the browser console. Parameters: script (string)
