MCP-Server-Pentest
MCP Server Pentest is a tool designed for automatic detection of web vulnerabilities and interaction with web pages.
MCP Server Pentest is a comprehensive tool for testing web applications for vulnerabilities such as XSS and SQL injection. It provides features for full browser interaction, including navigation, form filling, and JavaScript execution. The tool is designed to automate the detection of vulnerabilities and provide detailed insights through screenshots and console log monitoring. It is built on top of Playwright, allowing for robust browser automation and testing capabilities. The installation process is straightforward, and the tool integrates seamlessly with existing configurations, making it a valuable asset for security professionals and developers looking to enhance their web application security testing processes.
Features
- Automatic detection of XSS and SQL injection vulnerabilities
- Ability to take screenshots of entire pages or specific elements
- Comprehensive network interaction including navigation and form filling
- Console log monitoring for detailed insights
- JavaScript execution within the browser context
Tools
broser_url_reflected_xss
Test a URL for an XSS vulnerability
browser_url_sql_injection
Test a URL for a SQL injection vulnerability
browser_navigate
Navigate to any URL in your browser
browser_screenshot
Capture screenshots of the entire page or of specific elements
browser_click
Click an element on the page using a CSS selector
browser_click_text
Click an element on the page by its text content
browser_hover
Hover over an element on the page using a CSS selector
browser_hover_text
Hover over an element on the page by its text content
browser_fill
Fill in an input field
browser_select
Select an option in a SELECT element using a CSS selector
browser_select_text
Select an option in a SELECT element by its text content
browser_evaluate
Execute JavaScript in the browser console