[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-74965":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":25,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":35,"readmeContent":36,"aiSummary":37,"trendingCount":16,"starSnapshotCount":16,"syncStatus":38,"lastSyncTime":39,"discoverSource":40},74965,"jshookmcp","vmoranv\u002Fjshookmcp","vmoranv","js hook toolkit that all you need","https:\u002F\u002Fvmoranv.github.io\u002Fjshookmcp\u002F",null,"TypeScript",1637,423,4,1,0,25,69,169,75,105.88,"GNU Affero General Public License v3.0",false,"master",true,[27,28,29,30,31,32,33,34],"browser-automation","debugging","deobfuscation","js-reverse","mcp","network-analysis","reverse-engineering","security-analysis","2026-06-12 04:01:16","# @jshookmcp\u002Fjshook\n\n[![License: AGPLv3](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-AGPLv3-red.svg)](LICENSE)\n[![Node.js 22.12+](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fnode-22.12%2B-brightgreen.svg)](https:\u002F\u002Fnodejs.org\u002F)\n[![TypeScript](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FTypeScript-strict-3178C6.svg)](https:\u002F\u002Fwww.typescriptlang.org\u002F)\n[![MCP](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FMCP-current-8A2BE2.svg)](https:\u002F\u002Fmodelcontextprotocol.io\u002F)\n[![pnpm](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fpnpm-10.x-F69220.svg)](https:\u002F\u002Fpnpm.io\u002F)\n\nEnglish | [中文](.\u002FREADME.zh.md)\n\nAn MCP server that gives AI agents **402 tools across 36 domains** for JavaScript analysis and security research — browser automation, CDP debugging, network interception, JS hooks, LLM-powered code analysis, process\u002Fmemory forensics, WASM reverse engineering, source-map reconstruction, AST transforms, and composite workflows in a single server.\n\n## Quick Links\n\n- **[📖 Documentation](https:\u002F\u002Fvmoranv.github.io\u002Fjshookmcp\u002F)** · **[🚀 Getting Started](https:\u002F\u002Fvmoranv.github.io\u002Fjshookmcp\u002Fguide\u002Fgetting-started.html)** · **[⚙️ Configuration](https:\u002F\u002Fvmoranv.github.io\u002Fjshookmcp\u002Fguide\u002Fconfiguration.html)** · **[📚 Tool Reference](https:\u002F\u002Fvmoranv.github.io\u002Fjshookmcp\u002Freference\u002F)**\n\n## 🚀 Quick Start\n\nNo global install needed — add to your MCP client config and you're ready:\n\n**Claude Desktop \u002F Cursor (`claude_desktop_config.json`)**:\n\n```json\n{\n  \"mcpServers\": {\n    \"jshook\": {\n      \"command\": \"npx\",\n      \"args\": [\"-y\", \"@jshookmcp\u002Fjshook@latest\"],\n      \"env\": { \"JSHOOK_BASE_PROFILE\": \"search\" }\n    }\n  }\n}\n```\n\n*(Windows: use `npx.cmd` absolute path if `npx` is not found)*\n\n## 🌟 Highlights\n\n- 🤖 **AI-Driven Analysis** — LLM-powered deobfuscation, crypto detection, AST comprehension\n- ⚡ **Search-First Context Efficiency** — `search` profile ≈ 3K tokens vs `full` ≈ 40K+ tokens\n- 🎯 **Progressive Tiers** — `search` → `workflow` → `full`, activate on demand\n- 🌐 **Full-Stack Browser Automation** — Chromium\u002FCamoufox + CDP + anti-detection + CAPTCHA handling\n- 📡 **Network Interception** — HTTP\u002F2 frame building, MiTM capture, GraphQL, Burp Suite bridge\n- 🛠️ **Reverse Engineering Toolchain** — WASM disassembly, binary analysis, Frida, Ghidra\u002FIDA bridges\n- 🧰 **Process & Memory Forensics** — Native FFI scanning, hardware breakpoints, PE introspection\n- 🧩 **Dynamic Extensibility** — Hot-reload plugins, declarative workflows, auto-discovered domains\n\n## Architecture\n\n- **Runtime Registry** — Domains auto-discovered via `manifest.ts`; add a domain by creating one file\n- **Lazy Initialization** — Handlers instantiated on first call, not at startup\n- **BM25 + Vector Search** — `search_tools` meta-tool with hybrid ranking and adaptive weights\n- **MCP ToolAnnotations** — Every tool carries `readOnlyHint` \u002F `destructiveHint` \u002F `idempotentHint` \u002F `openWorldHint`\n\n## Registry Snapshot\n\nThe built-in surface below is generated from the runtime registry and checked in CI.\n\n\u003C!-- metadata-sync:start -->\n- Package version: `0.3.1`\n- Built-in Tools: `402`\n- Domains: `adb-bridge`, `antidebug`, `binary-instrument`, `boringssl-inspector`, `browser`, `canvas`, `coordination`, `core`, `cross-domain`, `debugger`, `encoding`, `evidence`, `extension-registry`, `graphql`, `hooks`, `instrumentation`, `macro`, `maintenance`, `memory`, `mojo-ipc`, `network`, `platform`, `process`, `protocol-analysis`, `proxy`, `sandbox`, `shared-state-board`, `skia-capture`, `sourcemap`, `streaming`, `syscall-hook`, `trace`, `transform`, `v8-inspector`, `wasm`, `workflow`\n- Note: this snapshot is generated from the runtime registry; do not edit the counts by hand.\n\u003C!-- metadata-sync:end -->\n\n> **[View the complete Tool Reference ↗](https:\u002F\u002Fvmoranv.github.io\u002Fjshookmcp\u002Freference\u002F)**\n\n## Project Stats\n\n\u003Cdiv align=\"center\">\n\n\u003Ca href=\"https:\u002F\u002Fwww.star-history.com\u002F?repos=vmoranv%2Fjshookmcp&type=date&legend=top-left\">\n \u003Cpicture>\n   \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"https:\u002F\u002Fapi.star-history.com\u002Fimage?repos=vmoranv\u002Fjshookmcp&type=date&legend=top-left\" \u002F>\n   \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"https:\u002F\u002Fapi.star-history.com\u002Fimage?repos=vmoranv\u002Fjshookmcp&type=date&legend=top-left\" \u002F>\n   \u003Cimg alt=\"Star History Chart\" src=\"https:\u002F\u002Fapi.star-history.com\u002Fimage?repos=vmoranv\u002Fjshookmcp&type=date&legend=top-left\" \u002F>\n \u003C\u002Fpicture>\n\u003C\u002Fa>\n\n![Activity](https:\u002F\u002Frepobeats.axiom.co\u002Fapi\u002Fembed\u002F83c000c790b1c665ff2686d2d02605412a0b8805.svg 'Repobeats analytics image')\n\n\u003C\u002Fdiv>\n","jshookmcp 是一个集成了多种 JavaScript 分析和安全研究工具的 MCP 服务器。它提供了402种工具，覆盖了36个领域，包括浏览器自动化、CDP调试、网络拦截、JS钩子、基于LLM的代码分析、进程\u002F内存取证、WASM逆向工程、源码映射重建、AST转换等。项目采用TypeScript编写，支持Node.js 22.12+版本，并且具备动态扩展性，允许热插拔插件和声明式工作流。适用于需要进行深度JavaScript代码审查、逆向工程及安全测试的场景。",2,"2026-06-11 03:51:44","high_star"]