JS Reverse Server

v1.0.0Securitystable

为 AI Agent 设计的 JS 逆向 MCP Server,内置反检测,基于 chrome-devtools-mcp 重构 | JS reverse engineering MCP server with agent-first tool design and built-in anti-detection. Rebuilt from chrome-devtools-mcp.

js-reversemcpai-integration
Share:
1,396
Stars
0
Downloads
0
Weekly
0/5

What is JS Reverse Server?

JS Reverse Server is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to 为 ai agent 设计的 js 逆向 mcp server,内置反检测,基于 chrome-devtools-mcp 重构 | js reverse engineering mcp server with agent-first tool design and built-in anti-detection. rebuilt from chrome-devtools-mcp.

为 AI Agent 设计的 JS 逆向 MCP Server,内置反检测,基于 chrome-devtools-mcp 重构 | JS reverse engineering MCP server with agent-first tool design and built-in anti-detection. Rebuilt from chrome-devtools-mcp.

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • 为 AI Agent 设计的 JS 逆向 MCP Server,内置反检测,基于 chrome-devtools-mcp

Use Cases

Analyze obfuscated JavaScript code with built-in anti-detection.
Enable AI agents to perform reverse engineering tasks.
zhizhuodemao

Maintainer

LicenseApache-2.0
Languagetypescript
Versionv1.0.0
UpdatedMay 21, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx js-reverse

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use JS Reverse Server

JS Reverse MCP Server is an AI-agent-first JavaScript reverse engineering tool rebuilt from chrome-devtools-mcp with a focus on anti-detection and streamlined tool design. It exposes Chrome DevTools Protocol capabilities as MCP tools so AI agents can navigate pages, inspect scripts, set breakpoints, monitor network traffic, and execute JavaScript—all while evading bot detection through Patchright's protocol-level patches. Chinese and English documentation is provided, and the server is designed for security researchers automating complex deobfuscation and hook-injection workflows.

Prerequisites

  • Node.js v20.19 or later
  • Chrome browser (stable channel) installed
  • An MCP-compatible client such as Claude Desktop
  • npm or npx for running the package
1

Add the server to Claude Desktop

Configure Claude Desktop to run js-reverse-mcp via npx. This is the same underlying package as the js-reverse-mcp entry—both slugs point to the same npm package.

{
  "mcpServers": {
    "js-reverse": {
      "command": "npx",
      "args": ["js-reverse-mcp"]
    }
  }
}
2

Clone and build for local development

For customization, clone the repository and build the TypeScript source.

git clone https://github.com/zhizhuodemao/js-reverse-mcp.git
cd js-reverse-mcp
npm install
npm run build
3

Run with built-in anti-detection

Use the --cloak flag for CloakBrowser fingerprint patching and --isolated for ephemeral browser sessions that discard state on close.

{
  "mcpServers": {
    "js-reverse": {
      "command": "npx",
      "args": ["js-reverse-mcp", "--cloak", "--isolated"]
    }
  }
}
4

Navigate to a target and list scripts

Once connected, ask the AI agent to navigate to a URL and enumerate all JavaScript resources. This is typically the first step in any reverse engineering workflow.

5

Set breakpoints and capture runtime state

Use the debugging tools to set breakpoints on specific functions or XHR calls, trigger user actions, then inspect the paused execution scope to extract encryption keys or algorithm logic.

JS Reverse Server Examples

Client configuration

Claude Desktop configuration using the js-reverse-mcp npm package with anti-detection flags.

{
  "mcpServers": {
    "js-reverse": {
      "command": "npx",
      "args": ["js-reverse-mcp", "--cloak"]
    }
  }
}

Prompts to try

After connecting the MCP server, try these reverse engineering prompts with the AI agent.

- "Navigate to the target site and list all JavaScript files loaded"
- "Search for obfuscated function names containing 'sign' or 'token' across all scripts"
- "Set a breakpoint on fetch() calls and capture the request headers"
- "Analyze this minified script and explain what it does"
- "Inject a hook on localStorage.getItem and log all key accesses"
- "Monitor XHR requests and show me the parameters being sent to /api/auth"

Troubleshooting JS Reverse Server

Chrome does not launch or crashes immediately

Verify Chrome stable is installed. On Linux, ensure `google-chrome` or `chromium-browser` is in your PATH. The server auto-launches Chrome; if it fails, start Chrome manually with `--remote-debugging-port=9222` and use the `--browserUrl http://localhost:9222` flag.

Target website detects the automation tool

Add the --cloak flag to enable CloakBrowser's 49 C++ patches that neutralize canvas fingerprinting, WebGL, audio context, and GPU-based detection. Patchright already prevents Runtime.enable CDP leakage by default.

Breakpoints are not being hit

Ensure the script is loaded before setting the breakpoint. Use the list-scripts tool first, then set the breakpoint by exact function name or line number. For dynamically loaded scripts, use XHR-based breakpoints that trigger on network activity instead.

Frequently Asked Questions about JS Reverse Server

What is JS Reverse Server?

JS Reverse Server is a Model Context Protocol (MCP) server that 为 ai agent 设计的 js 逆向 mcp server,内置反检测,基于 chrome-devtools-mcp 重构 | js reverse engineering mcp server with agent-first tool design and built-in anti-detection. rebuilt from chrome-devtools-mcp. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install JS Reverse Server?

Follow the installation instructions on the JS Reverse Server GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with JS Reverse Server?

JS Reverse Server works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is JS Reverse Server free to use?

Yes, JS Reverse Server is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

JS Reverse Server Alternatives — Similar Security Servers

Looking for alternatives to JS Reverse Server? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "js-reverse": { "command": "npx", "args": ["-y", "js-reverse"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use JS Reverse Server?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides