%20--%3e%3cdefs%3e%3cstyle%3e%20.st0%20{%20fill:%20%23061b40;%20}%20.st1%20{%20fill:%20%23306af1;%20}%20.st2%20{%20fill:%20%235ce5cf;%20}%20%3c/style%3e%3c/defs%3e%3cg%3e%3cpath%20class='st0'%20d='M55,10.5h9v3h-9v9h12V7.5h-12v3ZM64,19.5h-6v-3h6v3Z'/%3e%3cpolygon%20class='st0'%20points='69%2016.5%2078%2016.5%2078%2019.5%2069%2019.5%2069%2022.5%2081%2022.5%2081%2013.5%2072%2013.5%2072%2010.5%2081%2010.5%2081%207.5%2069%207.5%2069%2016.5'/%3e%3cpolygon%20class='st0'%20points='95%2010.5%2095%207.5%2083%207.5%2083%2022.5%2095%2022.5%2095%2019.5%2086%2019.5%2086%2016.5%2095%2016.5%2095%2013.5%2086%2013.5%2086%2010.5%2095%2010.5'/%3e%3cpath%20class='st0'%20d='M40,1.5v21h11.6l1.4-1.4v-7.6h0c0,0-1.4-1.5-1.4-1.5l1.4-1.4V2.9l-1.4-1.4h-11.6ZM50,19.5h-7v-6h7v6ZM50,10.5h-7v-6h7v6Z'/%3e%3c/g%3e%3cpath%20class='st1'%20d='M23.1,24L14.7,4.8l-4.9,11.2h3.8l-1.8,4H3.3L12.1,0H2C.9,0,0,.9,0,2v20c0,1.1.9,2,2,2h21.1Z'/%3e%3cpath%20class='st2'%20d='M34,0h-16.8l10.6,24h6.2c1.1,0,2-.9,2-2V2C36,.9,35.1,0,34,0ZM32.5,20h-4V4h4v16Z'/%3e%3c/svg%3e)
MCP Server Pt
Web Application Penetration Testing MCP is a comprehensive tool focusing on the analysis of business logic security vulnerabilities. Through systematic crawling and analysis, it can identify security issues that standard scanners cannot detect.
rating : 2.5 points
downloads : 5.2K
What is Web Application Penetration Testing MCP?
Web Application Penetration Testing MCP is a tool specifically designed to analyze the security of web applications. It can not only detect common vulnerabilities but also thoroughly examine potential risks in business logic.How to use Web Application Penetration Testing MCP?
You can start the scan through simple command - line operations, generate detailed reports, and visually display the application structure.Applicable scenarios
Suitable for enterprises or teams that need to conduct regular security reviews, especially in scenarios where business logic security is a concern.Main features
Automatically build application structure diagrams
Systematically crawl and map the entire web application, including all links, forms, and interactive elements.
Intelligent authentication processing
Automatically identify login/logout pages and support authentication based on cookies or Bearer Tokens.
In - depth business logic analysis
Detect potential IDOR (Insecure Direct Object Reference) vulnerabilities, permission control issues, and anomalies in multi - step workflows.
Advanced input testing
Generate corresponding test values according to field types and mine sensitive information in hidden fields.
Visualization support
Generate site maps in DOT format for easy graphical viewing via Graphviz.
Advantages
Comprehensively cover areas not reached by standard scanners
Powerful business logic analysis capabilities
Support multiple authentication mechanisms
Limitations
May require more manual intervention in complex environments
Some advanced features depend on specific configurations
How to use
Install the tool
Clone the project repository and install dependencies in the local environment.
%20--%3e%3cdefs%3e%3cstyle%3e%20.st0%20{%20fill:%20%230080ff;%20}%20%3c/style%3e%3c/defs%3e%3cpath%20class='st0'%20d='M16.2,11.1c.4.5.4,1.2,0,1.8l-4.7,7.1h-3.8l5.3-8L7.6,4h3.8l4.7,7.1Z'/%3e%3c/svg%3e)
Start the scan
Run the script and specify the target URL to start the scan.
Generate visual charts
Use the Graphviz tool to generate site map images.
Usage examples
Basic scan
Perform a basic security scan on a specified website.
Scan with authentication
Simulate the scanning process in a logged - in state.
Visual output
Convert the scan results into an intuitive graphical view.
Frequently Asked Questions
Does it support custom request headers?
Can the scanning speed be adjusted?
How to limit the scanning scope?
Related resources
Official documentation
Detailed introduction to the tool's functions and usage.
GitHub code repository
Source code hosting address.
Example video tutorial
Watch a demonstration video on how to quickly get started with the tool.
Notion Api MCP
Certified
A Python-based MCP Server that provides advanced to-do list management and content organization functions through the Notion API, enabling seamless integration between AI models and Notion.
Python
14.8K
4.5 points
Markdownify MCP
Markdownify is a multi-functional file conversion service that supports converting multiple formats such as PDFs, images, audio, and web page content into Markdown format.
TypeScript
24.8K
5 points
Gitlab MCP Server
Certified
The GitLab MCP server is a project based on the Model Context Protocol that provides a comprehensive toolset for interacting with GitLab accounts, including code review, merge request management, CI/CD configuration, and other functions.
TypeScript
15.6K
4.3 points
Duckduckgo MCP Server
Certified
The DuckDuckGo Search MCP Server provides web search and content scraping services for LLMs such as Claude.
Python
43.6K
4.3 points
Unity
Certified
UnityMCP is a Unity editor plugin that implements the Model Context Protocol (MCP), providing seamless integration between Unity and AI assistants, including real - time state monitoring, remote command execution, and log functions.
C#
20.3K
5 points
Figma Context MCP
Framelink Figma MCP Server is a server that provides access to Figma design data for AI programming tools (such as Cursor). By simplifying the Figma API response, it helps AI more accurately achieve one - click conversion from design to code.
TypeScript
45.6K
4.5 points
Gmail MCP Server
A Gmail automatic authentication MCP server designed for Claude Desktop, supporting Gmail management through natural language interaction, including complete functions such as sending emails, label management, and batch operations.
TypeScript
15.0K
4.5 points
Minimax MCP Server
The MiniMax Model Context Protocol (MCP) is an official server that supports interaction with powerful text-to-speech, video/image generation APIs, and is suitable for various client tools such as Claude Desktop and Cursor.
Python
29.4K
4.8 points