JS Reverse

v2.0.2Browser Automationstable

An MCP server for JavaScript reverse engineering that enables AI to perform browser debugging, script analysis, and automated hook injection. It streamlines complex workflows like deobfuscation, network tracing, and risk assessment through direct bro

mcpmcp-serverjavascriptreverse-engineeringdevtools
Share:
1,418
Stars
0
Downloads
0
Weekly
0/5

What is JS Reverse?

JS Reverse is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to mcp server for javascript reverse engineering that enables ai to perform browser debugging, script analysis, and automated hook injection. it streamlines complex workflows like deobfuscation, network ...

An MCP server for JavaScript reverse engineering that enables AI to perform browser debugging, script analysis, and automated hook injection. It streamlines complex workflows like deobfuscation, network tracing, and risk assessment through direct bro

This server falls under the Browser Automation and Security categories on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • An MCP server for JavaScript reverse engineering that enable

Use Cases

Perform JavaScript reverse engineering with browser debugging.
Automate hook injection and script analysis for security testing.
Streamline deobfuscation and anti-detection workflows.
zhizhuodemao

Maintainer

LicenseApache 2.0
Languagetypescript
Versionv2.0.2
UpdatedMay 22, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

NPM

npx -y js-reverse-mcp

Manual Installation

npx -y js-reverse-mcp

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use JS Reverse

JS Reverse MCP is an MCP server purpose-built for JavaScript reverse engineering tasks that lets AI agents control a Chromium browser via Chrome DevTools Protocol (CDP) to analyze obfuscated scripts, set breakpoints, trace network calls, and inspect runtime state. It exposes 21 tools covering navigation, script discovery, debugging, network monitoring, and JavaScript evaluation, all with built-in anti-detection via Patchright to prevent sites from identifying automation. Security researchers and developers use it to automate complex workflows like deobfuscation, WebSocket tracing, and call-stack analysis that would otherwise require hours of manual DevTools work.

Prerequisites

  • Node.js v20.19 or later
  • Chrome browser (stable channel) installed
  • An MCP-compatible client such as Claude Desktop
  • Optional: CloakBrowser binary for hardware-level fingerprint patching (49 C++ patches)
1

Add the server to Claude Desktop via npx

The simplest setup uses npx to run js-reverse-mcp directly without a local clone. Add it to your claude_desktop_config.json.

{
  "mcpServers": {
    "js-reverse": {
      "command": "npx",
      "args": ["js-reverse-mcp"]
    }
  }
}
2

Or clone and build locally for development

For customization or development, clone the repository and build from source.

git clone https://github.com/zhizhuodemao/js-reverse-mcp.git
cd js-reverse-mcp
npm install
npm run build
3

Enable anti-detection mode (optional)

Add the --cloak flag to activate CloakBrowser with 49 C++ fingerprint patches that hide canvas, WebGL, audio, and GPU signals. Use --isolated for a temporary profile that discards cookies after each session.

{
  "mcpServers": {
    "js-reverse": {
      "command": "npx",
      "args": ["js-reverse-mcp", "--cloak", "--isolated"]
    }
  }
}
4

Connect to an existing Chrome instance

If you have Chrome running with remote debugging enabled, connect to it directly instead of launching a new browser.

# Start Chrome with remote debugging:
google-chrome --remote-debugging-port=9222

# Then configure the server to connect to it:
{
  "mcpServers": {
    "js-reverse": {
      "command": "npx",
      "args": ["js-reverse-mcp", "--browserUrl", "http://localhost:9222"]
    }
  }
}
5

Enable debug logging

For troubleshooting, add the --logFile flag to write detailed debug output to a file.

{
  "mcpServers": {
    "js-reverse": {
      "command": "npx",
      "args": ["js-reverse-mcp", "--logFile", "/tmp/js-reverse-debug.log"]
    }
  }
}

JS Reverse Examples

Client configuration

Claude Desktop configuration for js-reverse-mcp using npx with anti-detection enabled.

{
  "mcpServers": {
    "js-reverse": {
      "command": "npx",
      "args": ["js-reverse-mcp", "--cloak"]
    }
  }
}

Prompts to try

With js-reverse-mcp connected to Claude Desktop, try these reverse engineering workflows.

- "Navigate to https://example.com and list all JavaScript files loaded on the page"
- "Search for functions containing 'encrypt' across all scripts on the current page"
- "Set a breakpoint on XMLHttpRequest.open and trigger a login action, then show me the call stack"
- "Monitor all WebSocket messages on this page for 30 seconds"
- "Evaluate this JavaScript expression in the page context and return the result"
- "Take a screenshot of the current browser state"

Troubleshooting JS Reverse

Chrome fails to launch or the server cannot connect to the browser

Ensure Chrome stable is installed and accessible in your system PATH. On macOS, Chrome is typically at /Applications/Google Chrome.app/Contents/MacOS/Google Chrome. The server launches Chrome automatically; if it fails, try the --browserUrl flag to connect to a manually started Chrome instance with --remote-debugging-port=9222.

Websites detect automation despite using Patchright

Enable the --cloak flag to activate CloakBrowser's 49 C++ fingerprint patches for canvas, WebGL, audio, and GPU signals. This provides protocol-level anti-detection in addition to Patchright's Runtime.enable leak prevention.

Node.js version incompatibility error on startup

js-reverse-mcp requires Node.js v20.19 or later. Check your version with `node --version`. If below v20.19, upgrade using nvm: `nvm install 20 && nvm use 20`.

Frequently Asked Questions about JS Reverse

What is JS Reverse?

JS Reverse is a Model Context Protocol (MCP) server that mcp server for javascript reverse engineering that enables ai to perform browser debugging, script analysis, and automated hook injection. it streamlines complex workflows like deobfuscation, network tracing, and risk assessment through direct bro It connects AI assistants to external tools and data sources through a standardized interface.

How do I install JS Reverse?

Install via npm with the command: npx -y js-reverse-mcp. Then add the server configuration to your AI client's JSON config file (e.g., claude_desktop_config.json or .cursor/mcp.json).

Which AI clients work with JS Reverse?

JS Reverse works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is JS Reverse free to use?

Yes, JS Reverse is open source and available under the Apache 2.0 license. You can use it freely in both personal and commercial projects.

Browse More Browser Automation MCP Servers

Explore all browser automation servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "js-reverse-mcp": { "command": "npx", "args": ["-y", "js-reverse-mcp"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use JS Reverse?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides