Playwright

Playwright

A security testing tool that enables automated vulnerability detection including XSS and SQL injection, along with comprehensive browser interaction capabilities for web application penetration testing.

9olidity

Browser Automation
Visit Server

Tools

browser_navigate

Navigate to a URL

browser_screenshot

Take a screenshot of the current page or a specific element

browser_click

Click an element on the page using CSS selector

broser_url_reflected_xss

Test whether the URL has an XSS vulnerability

browser_click_text

Click an element on the page by its text content

browser_fill

Fill out an input field

browser_select

Select an element on the page with Select tag using CSS selector

browser_select_text

Select an element on the page with Select tag by its text content

browser_hover

Hover an element on the page using CSS selector

browser_hover_text

Hover an element on the page by its text content

browser_evaluate

Execute JavaScript in the browser console

browser_url_sql_injection

Test whether the URL has SQL injection vulnerabilities

README

<h1 align="center">MCP Server Pentest</h1>

Features

  • Full browser xss, sql vulnerability automatic detection
  • Screenshots of the entire page or specific elements
  • Comprehensive network interaction (navigation, clicks, form filling)
  • Console log monitoring
  • JavaScript execution in the browser context

Installation

Installing

npx playwright install firefox
yarn install 
npm run build

Configuration

The installation process will automatically add the following configuration to your Claude config file:

{
  "mcpServers": {
    "playwright": {
      "command": "npx",
      "args": [
        "-y",
        "/Users/...../dist/index.js"
      ],
      "disabled": false,
      "autoApprove": []
    }
  }
}

Components

Tools

broser_url_reflected_xss

Test whether the URL has an XSS vulnerability

{
  "url": "https://test.com",
  "paramName":"text"
}

browser_url_sql_injection

Test whether the URL has SQL injection vulnerabilities

{
  "url": "https://test.com",
  "paramName":"text"
}

browser_navigate

Navigate to any URL in the browser

{
  "url": "https://stealthbrowser.cloud"
}

browser_screenshot

Capture screenshots of the entire page or specific elements

{
  "name": "screenshot-name",     // required
  "selector": "#element-id",     // optional
  "fullPage": true              // optional, default: false
}

browser_click

Click elements on the page using CSS selector

{
  "selector": "#button-id"
}

browser_click_text

Click elements on the page by their text content

{
  "text": "Click me"
}

browser_hover

Hover over elements on the page using CSS selector

{
  "selector": "#menu-item"
}

browser_hover_text

Hover over elements on the page by their text content

{
  "text": "Hover me"
}

browser_fill

Fill out input fields

{
  "selector": "#input-field",
  "value": "Hello World"
}

browser_select

Select an option in a SELECT element using CSS selector

{
  "selector": "#dropdown",
  "value": "option-value"
}

browser_select_text

Select an option in a SELECT element by its text content

{
  "text": "Choose me",
  "value": "option-value"
}

browser_evaluate

Execute JavaScript in the browser console

{
  "script": "document.title"
}

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Playwright MCP Server

Playwright MCP Server

Provides a server utilizing Model Context Protocol to enable human-like browser automation with Playwright, allowing control over browser actions such as navigation, element interaction, and scrolling.

Featured
Local
TypeScript
@kazuph/mcp-fetch

@kazuph/mcp-fetch

Model Context Protocol server for fetching web content and processing images. This allows Claude Desktop (or any MCP client) to fetch web content and handle images appropriately.

Featured
Local
JavaScript
DuckDuckGo MCP Server

DuckDuckGo MCP Server

A Model Context Protocol (MCP) server that provides web search capabilities through DuckDuckGo, with additional features for content fetching and parsing.

Featured
Python
YouTube Transcript MCP Server

YouTube Transcript MCP Server

This server retrieves transcripts for given YouTube video URLs, enabling integration with Goose CLI or Goose Desktop for transcript extraction and processing.

Featured
Python
serper-search-scrape-mcp-server

serper-search-scrape-mcp-server

This Serper MCP Server supports search and webpage scraping, and all the most recent parameters introduced by the Serper API, like location.

Featured
TypeScript
The Verge News MCP Server

The Verge News MCP Server

Provides tools to fetch and search news from The Verge's RSS feed, allowing users to get today's news, retrieve random articles from the past week, and search for specific keywords in recent Verge content.

Featured
TypeScript
Tavily MCP Server

Tavily MCP Server

Provides AI-powered web search capabilities using Tavily's search API, enabling LLMs to perform sophisticated web searches, get direct answers to questions, and search recent news articles.

Featured
Python
mcp-pinterest

mcp-pinterest

A Pinterest Model Context Protocol (MCP) server for image search and information retrieval

Featured
TypeScript
Crawlab MCP Server

Crawlab MCP Server

Official
Python