-
Notifications
You must be signed in to change notification settings - Fork 454
Playwright Browser Automation
The AI agent can use Playwright to interact with web applications through a real headless Chromium browser. This is essential for testing modern JavaScript-heavy applications, SPAs, and any page where curl only returns empty loader HTML.
Playwright is a browser automation framework that controls headless Chromium inside the Kali sandbox container. It is exposed to the AI agent as the execute_playwright MCP tool on port 8005.
| Feature | Description |
|---|---|
| JS rendering | Fully renders JavaScript -- handles React, Angular, Vue, and other SPAs |
| Form interaction | Fill inputs, click buttons, submit forms, handle CSRF tokens automatically |
| Content extraction | Extract visible text or raw HTML from any page or element |
| Custom scripting | Run multi-step browser workflows (login, navigate, extract, verify) |
| Chrome spoofing | Uses a Chrome 120 user-agent for realistic requests |
The simplest way to use Playwright. Provide a URL and optionally a CSS selector and format.
How to ask the agent:
- "Use Playwright to get the content of http://10.0.0.5:3000"
- "Extract the login form HTML from http://10.0.0.5/login"
- "Get the text inside the .dashboard-panel element"
Parameters:
| Parameter | Required | Default | Description |
|---|---|---|---|
url |
Yes | -- | URL to navigate to |
selector |
No | entire page | CSS selector to target a specific element |
format |
No | text |
text for visible text, html for raw HTML |
The browser navigates to the URL, waits for the page to finish loading (network idle), and extracts the content.
For complex multi-step interactions. You provide Python code that uses Playwright's sync API. Three variables are pre-initialized for you:
| Variable | What it is |
|---|---|
browser |
Headless Chromium instance |
context |
Browser context with Chrome user-agent |
page |
A new page ready for navigation |
Use print() to send output back to the agent.
How to ask the agent:
- "Run a Playwright script to log in with admin/admin and show the dashboard"
- "Use Playwright to fill the search form with an XSS payload and show the response"
- "Write a Playwright script to extract all links from the target homepage"
Here are some things you can ask the agent in the chat:
"Use Playwright to extract the page content from http://10.0.0.5:8080"
"Get the HTML of the login form at http://10.0.0.5/login using Playwright"
"Extract the navigation menu from the target homepage"
"Use Playwright to try logging in with admin/password on http://10.0.0.5/login"
"Run a Playwright script to fill the login form and check if we get access"
"Test XSS by injecting a script tag into the search field using Playwright"
"Use Playwright to submit
<img src=x onerror=alert(1)>into the comment form"
"Use Playwright to check the response headers of http://10.0.0.5 for security headers"
"Extract all JavaScript files referenced on the target page"
Playwright is classified as a dangerous tool. Every time the agent wants to use it, you will see a confirmation prompt in the chat. You must approve the execution before it runs.
This is because Playwright can interact with web applications -- filling forms, clicking buttons, submitting data -- which could have side effects on the target.
When stealth mode is enabled, Playwright usage is restricted:
- Single URL per call -- no automated crawling or bulk scraping
- Max 2 form submissions per target -- then the agent stops and asks you
- No credential spraying -- single login attempts only
- No fuzzing via browser -- use dedicated tools instead
| Limitation | Details |
|---|---|
| Output size | Capped at 15,000 characters per extraction |
| Content mode timeout | 45 seconds (page must finish loading) |
| Script mode timeout | 60 seconds (total script execution) |
| No file downloads | Browser runs headless inside Docker -- no download handling |
| No screenshots | Output is text/HTML only, no image capture |
The page is taking too long to reach network idle. Try:
- Targeting a specific element with a CSS selector instead of the full page
- Using script mode with a shorter
wait_for_load_state('domcontentloaded')instead ofnetworkidle
The CSS selector does not match anything on the page. The page may:
- Require authentication first (use script mode to login)
- Load content dynamically after initial render (add
page.wait_for_selector('selector')) - Use shadow DOM (access via
page.locator('selector'))
- The page may be a SPA that needs more time to render -- use script mode and add explicit waits
- Content may be inside an iframe -- use
page.frame()to access it
For full technical documentation including architecture diagrams, Docker setup, and implementation details, see README.PLAYWRIGHT.md.
Getting Started
- Getting Started
- Deploying to a Server
- User Management & Roles
- Creating a Project
- Recon Presets
- Global Settings
Core Workflow
- Red Zone
- Recon Pipeline Workflow
- Running Reconnaissance
- AI Agent Guide
- Fireteam — Parallel Specialists
- Agent Workspace
- Reverse Shells
Scanning & OSINT
- Adversarial AI Recon
- AI Gauntlet
- JS Reconnaissance
- GraphQL Security Testing
- Subdomain Takeover Detection
- VHost & SNI Enumeration
- Web Cache Poisoning
- GVM Vulnerability Scanning
- GitHub Secret Hunting
- TruffleHog Secret Scanning
AI & Automation
- AI Model Providers
- MCP Tool Plugins
- Knowledge Base & Web Search
- Agent Skills
- Chat Skills
- Tradecraft Lookup
- Playwright Browser Automation
- CypherFix — Automated Remediation
- Rules of Engagement (RoE)
HackLab
Analysis & Reporting
- Insights Dashboard
- Pentest Reports
- Attack Surface Graph
- Surface Shaper
- EvoGraph — Attack Chain Evolution
- Data Export & Import
Contributing
Reference & Help