WebScout

Name: WebScout
Rating: 4.7 (32 reviews)
Author: pyscout

Automates the reverse engineering of chat interfaces by controlling a browser, capturing network traffic, and identifying streaming API endpoints without needing official documentation.

Automates reverse engineering of chat interfaces through browser automation and network traffic analysis, capturing streaming API endpoints and providing browser control for analyzing chat APIs without official documentation.

1276 views3Local (stdio)

browser automation search web

GitHub

What it does

Reverse engineer chat interfaces automatically
Capture streaming API endpoints and network traffic
Control browser interactions (click, fill forms, navigate)
Take screenshots for visual feedback
Handle authentication and login flows
Monitor WebSocket and SSE connections

Best for

Security researchers analyzing chat applicationsDevelopers integrating with undocumented APIsAPI discovery and competitive analysisAutomating complex web interface interactions

No API keys requiredCaptures live streaming trafficPersistent browser sessions

About WebScout

WebScout is a community-built MCP server published by pyscout that provides AI assistants with tools and capabilities via the Model Context Protocol. WebScout automates chat API analysis using Selenium for software testing and packet analyzer tools to reveal hidden endp It is categorized under browser automation, search web. This server exposes 14 tools that AI clients can invoke during conversations and coding sessions.

How to install

You can install WebScout in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server runs locally on your machine via the stdio transport.

License

WebScout is released under the MIT license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.

Tools (14)

reverse_engineer_chat

Automatically reverse engineer a chat interface by navigating to the URL, sending a test message, and capturing all network traffic to identify streaming API endpoints. Returns discovered endpoints with their request/response patterns including Server-Sent Events (SSE), WebSocket connections, and chunked HTTP responses. Perfect for quick analysis of public chat interfaces without authentication.

initialize_session

Create a persistent browser session for step-by-step reverse engineering of complex chat interfaces. Use this when the chat requires login, multi-step navigation, or manual interaction before analysis. Returns a sessionId that must be used with all subsequent interactive tools. The session maintains cookies, authentication state, and can be used across multiple operations until explicitly closed.

take_screenshot

Capture a screenshot of the current browser page as a base64-encoded PNG image. Essential for visual feedback to understand what's displayed before deciding which buttons to click or forms to fill. Supports capturing the visible viewport, entire scrollable page, or specific elements. Returns the image as base64 string and data URL for easy display.

click_element

Click a button, link, or any interactive element on the page. Useful for navigating through multi-step interfaces, opening chat modals, starting new conversations, or triggering UI actions. Can target elements by CSS selector or by their visible text content. Automatically waits after clicking to allow page updates.

fill_form

Fill out one or multiple form fields in sequence, perfect for login forms, registration, search inputs, or any text entry. Supports pressing Enter after each field and clicking a submit button. Commonly used for authentication flows before accessing chat interfaces. Each field can be filled independently with optional Enter key press.

🔍 WebScout MCP

WebScout MCP is a powerful Model Context Protocol (MCP) server designed for reverse engineering web applications, particularly chat interfaces and streaming APIs. It provides comprehensive browser automation tools to discover, analyze, and capture network traffic from complex web applications.

✨ Key Features

🤖 Automated Reverse Engineering

One-Click Analysis: Automatically navigate to web applications and capture streaming endpoints
Smart Pattern Detection: Advanced detection of SSE, WebSocket, chunked transfers, and custom streaming formats
Network Traffic Capture: Comprehensive CDP-level monitoring of all HTTP requests, responses, and WebSocket frames
Structured Data Output: Clean, parsed data with URLs, request payloads, and response patterns

🔐 Interactive Browser Automation

Session Management: Persistent browser sessions with cookie and authentication state management
Authentication Support: Handle login forms, OAuth flows, and multi-factor authentication
Step-by-Step Navigation: Click buttons, fill forms, and navigate through complex multi-page interfaces
Visual Feedback: Take screenshots at any point to understand page state and UI elements

🎯 Advanced Network Monitoring

Real-Time Capture: Monitor streaming responses as they occur with configurable capture windows
Flexible Filtering: Capture all traffic or filter by POST requests, streaming responses, or URL patterns
WebSocket Support: Full capture of WebSocket frames, messages, and connection details
Memory Management: Configurable capture limits to prevent memory issues during long sessions

🛠️ Developer-Friendly Tools

14 Specialized Tools: Comprehensive toolkit for web scraping, testing, and API discovery
Headless or Visible: Run in headless mode for automation or visible mode for debugging
Error Handling: Robust error handling with detailed error messages and recovery options
Cross-Platform: Works on macOS, Linux, and Windows with consistent behavior

📋 Available Tools

Core Reverse Engineering

reverse_engineer_chat - Automated analysis of chat interfaces with streaming endpoint discovery
start_network_capture - Begin comprehensive network traffic monitoring
stop_network_capture - End capture and retrieve all collected data
get_network_capture_status - Check capture session status and statistics
clear_network_capture - Clear captured data without stopping the capture session

Interactive Browser Control

initialize_session - Create a new browser session for interactive operations
close_session - Clean up browser resources and end session
navigate_to_url - Navigate to different URLs within a session
switch_tab - Switch between open browser tabs

User Interaction Simulation

click_element - Click buttons, links, or any interactive elements
fill_form - Fill out form fields with automatic submission options
wait_for_element - Wait for dynamic elements to appear before continuing

Visual Inspection

take_screenshot - Capture screenshots of viewport, full page, or specific elements
get_current_page_info - Retrieve comprehensive page information and tab details

🚀 Installation

Prerequisites

Node.js 18+ - Required for ES modules and modern JavaScript features
npm - Package manager for dependency installation

Quick Setup

# Clone the repository
git clone https://github.com/pyscout/webscout-mcp
cd webscout-mcp

# Install dependencies
npm install

# Install Playwright browsers for automation
npx playwright install

📖 Usage

Method 1: MCP Server (Recommended)

Add WebScout MCP to your MCP client configuration:

{
  "mcpServers": {
    "webscout-mcp": {
      "command": "npx",
      "args": ["-y", "webscout-mcp"]
    }
  }
}

Method 2: Direct CLI Usage

# Start the MCP server directly
npm start

# Or run with node
node src/index.js

Method 3: Development Mode

# Run with visible browser for debugging
node src/index.js  # Set headless: false in session initialization

🛠️ API Examples

Basic Chat Interface Analysis

// Initialize session and analyze a chat interface
const session = await initializeSession("https://chat.example.com");
const analysis = await reverseEngineerChat("https://chat.example.com", "Hello", 8000);

console.log("Found endpoints:", analysis.length);
await closeSession(session.sessionId);

Interactive Login Flow

// Handle login and navigate to protected content
const session = await initializeSession("https://app.example.com/login");

await fillForm(session.sessionId, [
  { selector: 'input[name="email"]', value: "[email protected]" },
  { selector: 'input[name="password"]', value: "password123" }
], 'button[type="submit"]');

await waitForElement(session.sessionId, ".dashboard", 10000);
const screenshot = await takeScreenshot(session.sessionId);

await closeSession(session.sessionId);

Network Traffic Capture

// Monitor all network activity on a page
const session = await initializeSession("https://api.example.com");

await startNetworkCapture(session.sessionId, {
  capturePostOnly: false,
  captureStreaming: true,
  maxCaptures: 100
});

// Perform actions that generate network traffic
await navigateToUrl(session.sessionId, "https://api.example.com/data");

const captureData = await stopNetworkCapture(session.sessionId);
console.log("Captured requests:", captureData.data.requests.length);

await closeSession(session.sessionId);

🏗️ Architecture Overview

┌─────────────────┐    ┌──────────────────┐    ┌─────────────────┐
│ Chat Interface  │───▶│ Browser Automation│───▶│ Network Capture │
│  (Target URL)   │    │   (Playwright)    │    │  (CDP + Route)  │
└─────────────────┘    └──────────────────┘    └─────────────────┘
         │                       │                       │
         ▼                       ▼                       ▼
┌─────────────────┐    ┌──────────────────┐    ┌─────────────────┐
│  Message Input  │    │  DOM Interaction  │    │ Request/Response│
│   Detection     │    │    (Auto-fill)    │    │    Analysis     │
└─────────────────┘    └──────────────────┘    └─────────────────┘
                                                       │
                                                       ▼
                                            ┌─────────────────┐
                                            │ Structured Data │
                                            │  Output (JSON)  │
                                            └─────────────────┘

Workflow

Browser Launch: Opens target URL in headless Playwright browser
Network Setup: Establishes Chrome DevTools Protocol (CDP) session and route interception
Interface Detection: Automatically locates chat input elements (textarea, contenteditable, etc.)
Message Injection: Sends test message to trigger streaming responses
Traffic Capture: Monitors network requests/responses for specified time window
Pattern Analysis: Identifies streaming patterns in captured data
Data Processing: Structures captured data into clean JSON format

Streaming Detection Patterns

The system detects multiple streaming response formats:

Server-Sent Events (SSE): data: {"content": "..."}
OpenAI-style chunks: data: {"choices": [{"delta": {"content": "..."}}]}
Event streams: event: message\ndata: {...}
JSON streaming: Objects with token, delta, content fields
Custom formats: f:{...}, 0:"...", e:{...} patterns
WebSocket messages: Binary/text frames with streaming data
Chunked responses: Transfer-encoding: chunked with streaming content

📁 Project Structure

webscout-mcp/
├── src/
│   ├── index.js                 # Main MCP server implementation
│   └── tools/                   # Specialized tool modules
│       ├── reverseEngineer.js   # Tool exports and coordination
│       ├── reverseEngineerChat.js # Automated chat analysis
│       ├── sessionManagement.js # Browser session lifecycle
│       ├── visualInspection.js  # Screenshots and page info
│       ├── interaction.js       # Clicking and form filling
│       ├── navigation.js        # URL navigation and tab switching
│       └── networkCapture.js    # Network traffic monitoring
│   └── utilities/               # Shared utility functions
│       ├── browser.js           # Browser automation utilities
│       └── network.js           # Network pattern detection
├── package.json                 # Dependencies and scripts
├── mcp-config.json              # MCP client configuration example
└── README.md                    # This documentation

🔧 Configuration

Environment Variables

Variable	Description	Default
`NODE_ENV`	Environment mode	`development`
`DEBUG`	Enable debug logging	`false`

MCP Configuration

Update your MCP client's configuration file:

{
  "mcpServers": {
    "webscout-mcp": {
      "command": "npx",
      "args": ["-y", "webscout-mcp"],
      "env": {
        "NODE_ENV": "production"
      }
    }
  }
}

Or for VS Code MCP configuration (mcp.json):

{
  "servers": {
    "webscout-mcp": {
      "command": "npx",
      "args": ["-y", "webscout-mcp"],
      "type": "stdio"
    }
  }
}

Contributing

Fork the rep

README truncated. View full README on GitHub.

Alternatives

Firecrawl

mendableai

89.6k

Unlock AI-ready web data with Firecrawl: scrape any website, handle dynamic content, and automate web scraping for resea

OfficialPopular

3.0k125

Browser Use

browser-use

79.9k

Browser Use lets LLMs and agents access and scrape any website in real time, making web scraping and web page scraping e

OfficialPopular

36616

Playwright Browser Automation

microsoft

28.4k

Enhance software testing with Playwright MCP: Fast, reliable browser automation, an innovative alternative to Selenium s

OfficialPopular

7.6k545

Chrome DevTools MCP

chromedevtools

28.1k

AI-driven control of live Chrome via Chrome DevTools: browser automation, debugging, performance analysis and network mo

OfficialPopular

50711

Related Skills

Browse all skills

browser-automation

Automate web browser interactions using natural language via CLI commands. Use when the user asks to browse websites, navigate web pages, extract data from websites, take screenshots, fill forms, click buttons, or interact with web applications. Triggers include "browse", "navigate to", "go to website", "extract data from webpage", "screenshot", "web scraping", "fill out form", "click on", "search for on the web". When taking actions be as specific as possible.

aluvia-web-unblock

Unblock websites and bypass CAPTCHAs and 403 errors using Aluvia mobile proxies. Enables web search and content extraction without browser automation.

aluvia-web-proxy

Unblock websites and bypass CAPTCHAs and 403 errors using Aluvia mobile proxies. Enables web search and content extraction without browser automation.

dev-browser

Browser automation with persistent page state. Use when users ask to navigate websites, fill forms, take screenshots, extract web data, test web apps, or automate browser workflows. Trigger phrases include "go to [url]", "click on", "fill out the form", "take a screenshot", "scrape", "automate", "test the website", "log into", or any browser interaction request.

chrome-devtools

Browser automation, debugging, and performance analysis using Puppeteer CLI scripts. Use for automating browsers, taking screenshots, analyzing performance, monitoring network traffic, web scraping, form automation, and JavaScript debugging.

qa-tester

"Browser automation QA testing skill. Systematically tests web applications for functionality, security, and usability issues. Reports findings by severity (CRITICAL/HIGH/MEDIUM/LOW) with immediate alerts for critical failures."