Unsafe-Browser-MCP

mmjaberi/Unsafe-Browser-MCP

3.3

If you are the rightful owner of Unsafe-Browser-MCP and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

The Unsafe Browser MCP Server is designed for browser automation with SSL certificate bypass capabilities, intended for testing and development purposes.

Tools
5
Resources
0
Prompts
0

Unsafe Browser MCP Server

A Model Context Protocol (MCP) server that provides browser automation with SSL certificate bypass capabilities for testing and development purposes.

โš ๏ธ Security Warning

This server bypasses SSL certificate validation. It should ONLY be used for:

  • Development and testing environments
  • Internal tools with self-signed certificates
  • Legitimate security testing with authorization
  • IoT devices with invalid certificates

DO NOT use this for:

  • Production applications
  • Handling sensitive data
  • Bypassing security on public websites without authorization

๐Ÿš€ Features

  • Browser Automation: Full browser control with Playwright
  • SSL Bypass: Access sites with self-signed, expired, or invalid SSL certificates
  • Batch Fetching: Concurrent URL fetching (10-15x faster than sequential)
  • Session Management: Save and restore browser sessions
  • Screenshot Capture: Take full-page or element screenshots
  • Network Monitoring: Track network requests and responses
  • Smart Selectors: Intelligent element detection

๐Ÿ“‹ Requirements

  • Docker Desktop (with MCP support)
  • Python 3.11+ (for local development)
  • macOS, Linux, or Windows with WSL2

๐Ÿ› ๏ธ Installation

Method 1: Docker Desktop (Recommended)

  1. Clone the repository:

    git clone https://github.com/mmjaberi/Unsafe-Browser-MCP.git
cd unsafe-browser-mcp

  2. Build the Docker image:

    docker build -t unsafe-browser-mcp:latest .

  3. Add to Docker Desktop MCP Registry:

    chmod +x add-to-registry-yaml.sh
./add-to-registry-yaml.sh

  4. Restart Docker Desktop

  5. Enable in Docker Desktop:

    • Go to Settings โ†’ MCP Servers
    • Find "Unsafe Browser MCP"
    • Click Enable

Method 2: Docker Compose

docker-compose up -d

๐Ÿ“š Available Tools

Browser Automation

  • browser_navigate - Navigate to URLs with SSL bypass
  • browser_click - Click elements on pages
  • browser_fill - Fill form fields
  • browser_screenshot - Capture screenshots
  • browser_suggest_selectors - Get element selectors

Session Management

  • browser_save_session - Save browser state
  • browser_load_session - Restore browser state
  • browser_list_sessions - List saved sessions

Network Tools

  • fetch_url - Fetch single URL with SSL bypass
  • fetch_json - Fetch and parse JSON
  • download_file - Download files
  • batch_fetch - Fetch multiple URLs concurrently
  • browser_network_summary - Get network activity summary

๐Ÿ’ก Usage Examples

Navigate to a site with self-signed certificate:

unsafe-browser:browser_navigate("https://self-signed.badssl.com")

Take a screenshot:

unsafe-browser:browser_screenshot("my-screenshot.png", full_page=True)

Batch fetch multiple URLs:

unsafe-browser:batch_fetch([
    "https://example.com",
    "https://another-site.com",
    "https://third-site.com"
])

Fetch URL with SSL bypass:

unsafe-browser:fetch_url("https://expired.badssl.com")

๐Ÿ“‚ Directory Structure

unsafe-browser-mcp/
โ”œโ”€โ”€ mcp_server.py              # Main MCP server
โ”œโ”€โ”€ unsafe_browser_mcp.py      # Browser automation logic
โ”œโ”€โ”€ Dockerfile                 # Docker image definition
โ”œโ”€โ”€ docker-compose.yml         # Docker Compose configuration
โ”œโ”€โ”€ requirements.txt           # Python dependencies
โ”œโ”€โ”€ downloads/                 # Downloaded files
โ”œโ”€โ”€ screenshots/               # Captured screenshots
โ”œโ”€โ”€ logs/                      # Server logs
โ””โ”€โ”€ sessions/                  # Saved browser sessions

๐Ÿ”ง Configuration

The server uses the following volume mappings:

  • ./downloads โ†’ /app/downloads
  • ./screenshots โ†’ /app/screenshots
  • ./logs โ†’ /app/logs
  • ./sessions โ†’ /app/sessions

๐Ÿงช Testing

Test with SSL certificate issues:

# Self-signed certificate
curl https://self-signed.badssl.com

# Expired certificate
curl https://expired.badssl.com

# Wrong hostname
curl https://wrong.host.badssl.com

๐Ÿ“ License

MIT License - See LICENSE file for details

๐Ÿ‘ค Author

Mohamed AlJaberi

๐Ÿค Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

โš–๏ธ Legal Disclaimer

This tool is provided for legitimate testing and development purposes only. Users are responsible for ensuring they have proper authorization before testing any systems. The authors assume no liability for misuse of this software.

๐Ÿ“ž Support

For issues, questions, or contributions, please open an issue on GitHub.

Remember: With great power comes great responsibility. Use this tool ethically and legally! ๐Ÿ›ก๏ธ