{"id":46576666,"url":"https://github.com/zebbern/webhook-mcp-server","last_synced_at":"2026-03-07T10:04:43.028Z","repository":{"id":334635016,"uuid":"1142115974","full_name":"zebbern/webhook-mcp-server","owner":"zebbern","description":"A Model Context Protocol (MCP) server for webhook.site - instantly capture HTTP requests, emails, and DNS lookups. Perfect for testing webhooks, debugging API callbacks, security testing, and bug bounty hunting.","archived":false,"fork":false,"pushed_at":"2026-01-26T16:42:38.000Z","size":100,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-26T17:21:36.901Z","etag":null,"topics":["mcp","mcp-client","mcp-gateway","mcp-server","mcp-tools","webhook","webhook-api","webhook-deleter","webhook-event-handlers","webhook-mcp","webhook-receiver","webhook-sender","webhook-server","webhook-service","webhook-site","webhook-site-mcp","webhooks","webhooksite"],"latest_commit_sha":null,"homepage":"https://webhook.site","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zebbern.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-01-26T01:00:39.000Z","updated_at":"2026-01-26T16:42:18.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/zebbern/webhook-mcp-server","commit_stats":null,"previous_names":["zebbern/webhook-mcp-server"],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/zebbern/webhook-mcp-server","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zebbern%2Fwebhook-mcp-server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zebbern%2Fwebhook-mcp-server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zebbern%2Fwebhook-mcp-server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zebbern%2Fwebhook-mcp-server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zebbern","download_url":"https://codeload.github.com/zebbern/webhook-mcp-server/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zebbern%2Fwebhook-mcp-server/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30212021,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-07T09:02:10.694Z","status":"ssl_error","status_checked_at":"2026-03-07T09:02:08.429Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["mcp","mcp-client","mcp-gateway","mcp-server","mcp-tools","webhook","webhook-api","webhook-deleter","webhook-event-handlers","webhook-mcp","webhook-receiver","webhook-sender","webhook-server","webhook-service","webhook-site","webhook-site-mcp","webhooks","webhooksite"],"created_at":"2026-03-07T10:04:42.236Z","updated_at":"2026-03-07T10:04:43.023Z","avatar_url":"https://github.com/zebbern.png","language":"Python","funding_links":[],"categories":["カテゴリ"],"sub_categories":["🔌 \u003ca name=\"api-development\"\u003e\u003c/a\u003eAPI開発"],"readme":"# Webhook.site MCP Server\n\n[![PyPI](https://img.shields.io/pypi/v/webhook-mcp-server.svg)](https://pypi.org/project/webhook-mcp-server/)\n[![Python](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/)\n[![MCP](https://img.shields.io/badge/MCP-23%20tools-brightgreen.svg)](https://modelcontextprotocol.io/)\n\nA Model Context Protocol (MCP) server for [webhook.site](https://webhook.site) - instantly capture HTTP requests, emails, and DNS lookups. Perfect for testing webhooks, debugging API callbacks, security testing, and bug bounty hunting.\n\n---\n\n## Table of Contents\n\n- [Quick Start](#quick-start)\n- [What Can You Do?](#what-can-you-do)\n- [Tools Reference](#tools-reference)\n- [Examples](#examples)\n- [Each Webhook Token Provides](#each-webhook-token-provides)\n- [Architecture](#architecture)\n- [Development](#development)\n- [Contributing](#contributing)\n- [Requirements](#requirements)\n- [Changelog](#changelog)\n- [Credits](#credits)\n- [Links](#links)\n\n---\n\n## Quick Start\n\n### Installation\n\n```bash\n# Using uvx (recommended - no install needed)\nuvx webhook-mcp-server\n\n# Or install via pip\npip install webhook-mcp-server\n```\n\n### VS Code / GitHub Copilot\n\nAdd to `.vscode/mcp.json`:\n\n```json\n{\n  \"servers\": {\n    \"webhook-mcp-server\": {\n      \"type\": \"stdio\",\n      \"command\": \"uvx\",\n      \"args\": [\"webhook-mcp-server\"]\n    }\n  }\n}\n```\n\n### Claude Desktop\n\nAdd to `claude_desktop_config.json`:\n\n```json\n{\n  \"mcpServers\": {\n    \"webhook-mcp-server\": {\n      \"command\": \"uvx\",\n      \"args\": [\"webhook-mcp-server\"]\n    }\n  }\n}\n```\n\n---\n\n## What Can You Do?\n\n### Capture Webhooks\n\n```\n\"Create a webhook and show me the URL\"\n\"What requests have been sent to my webhook?\"\n\"Wait for a request to come in\"\n```\n\n\u003cimg width=\"555\" height=\"555\" alt=\"Webhooks\" src=\"https://github.com/user-attachments/assets/75558234-9d93-4b79-817e-373a5ce75382\" /\u003e\n\n### Security/Bug Bounty:\n\n```\n\"Generate an SSRF payload to test for blind vulnerabilities\"\n\"Create XSS callback payloads to detect blind XSS attacks\"\n\"Make me a canary token to detect if someone accesses a URL\"\n```\n\n\u003cimg width=\"555\" height=\"555\" alt=\"Security\" src=\"https://github.com/user-attachments/assets/12150308-932a-4872-acd9-5473c7dde6ff\" /\u003e\n\n### Email Automation:\n\n```\n\"Create a temp email and wait for a password reset link\"\n\"Monitor this webhook for emails and extract all links from them\"\n\"Give me 3 temporary emails at once\" (batch creation)\n```\n\n\u003cimg width=\"555\" height=\"555\" alt=\"Email\" src=\"https://github.com/user-attachments/assets/04af7d6e-e8aa-4e35-a817-2204cde8f5e7\" /\u003e\n\n### API Testing:\n\n```\n\"Create a webhook that returns a 404 error with a custom message\"\n\"Make a webhook with CORS enabled that waits 5 seconds before responding\"\n\"Send 10 different test requests to a webhook and show me all the captured data\"\n```\n\n\u003cimg width=\"555\" height=\"555\" alt=\"API\" src=\"https://github.com/user-attachments/assets/d8f2c46b-fb40-4e57-8957-0edef8e94db6\" /\u003e\n\n### Real-time Monitoring:\n\n```\n\"Create a webhook and wait for any HTTP request to arrive\"\n\"Monitor for DNS lookups to detect if a server is making DNS queries\"\n\"Search all requests for ones containing 'password' in the body\"\n```\n\n\u003cimg width=\"555\" height=\"555\" alt=\"Monitoring\" src=\"https://github.com/user-attachments/assets/12c9d270-f9df-489a-8be1-9afb4726404b\" /\u003e\n\n### Data Analysis:\n\n```\n\"Export all captured webhook requests to JSON format\"\n\"Show me statistics on requests received in the last hour\"\n\"Filter and show only POST requests with specific headers\"\n```\n\n\u003cimg width=\"555\" height=\"555\" alt=\"Data\" src=\"https://github.com/user-attachments/assets/51cd0032-d92b-46e7-9f0c-6cee96b6e4f3\" /\u003e\n\n### Creative/Practical:\n\n```\n\"Create a webhook that pretends to be a Stripe payment API\"\n\"Make a fake login endpoint that captures credentials (for pentesting)\"\n\"Set up an email inbox that auto-extracts verification codes\"\n```\n\n\u003cimg width=\"555\" height=\"555\" alt=\"Practical\" src=\"https://github.com/user-attachments/assets/a15bcbc4-087a-40bb-a1e5-a42475bd1301\" /\u003e\n\n### Canary Tokens\n\n```\n\"Create a canary URL to track document access\"\n\"Generate a DNS canary for the config file\"\n\"Set up an email tracker pixel\"\n```\n\n\u003cimg width=\"555\" height=\"555\" alt=\"CanaryTokens\" src=\"https://github.com/user-attachments/assets/2e6af1f5-55d6-4670-b899-6809f3031439\" /\u003e\n\n---\n\n## Tools Reference\n\n### Webhook Management\n\n| Tool                         | Description                                        |\n| ---------------------------- | -------------------------------------------------- |\n| `create_webhook`             | Create a new webhook endpoint                      |\n| `create_webhook_with_config` | Create with custom response, status, CORS, timeout |\n| `get_webhook_url`            | Get the full URL for a webhook token               |\n| `get_webhook_email`          | Get the email address for a webhook                |\n| `get_webhook_dns`            | Get the DNS subdomain for a webhook                |\n| `get_webhook_info`           | Get webhook settings and statistics                |\n| `update_webhook`             | Modify webhook configuration                       |\n| `delete_webhook`             | Delete a webhook endpoint                          |\n\n### Request Handling\n\n| Tool                   | Description                                 |\n| ---------------------- | ------------------------------------------- |\n| `send_to_webhook`      | Send JSON data to a webhook                 |\n| `get_webhook_requests` | List all captured requests                  |\n| `search_requests`      | Search with filters (method, content, date) |\n| `delete_request`       | Delete a specific request                   |\n| `delete_all_requests`  | Bulk delete with filters                    |\n\n### Real-Time Waiting\n\n| Tool               | Description                                   |\n| ------------------ | --------------------------------------------- |\n| `wait_for_request` | Wait for an HTTP request (polling)            |\n| `wait_for_email`   | Wait for email with automatic link extraction |\n\n### Bug Bounty / Security\n\n| Tool                         | Description                                          |\n| ---------------------------- | ---------------------------------------------------- |\n| `generate_ssrf_payload`      | Create SSRF test payloads (HTTP, DNS, IP-based)      |\n| `generate_xss_callback`      | Create XSS callback payloads with cookie/DOM capture |\n| `generate_canary_token`      | Create trackable URLs, DNS, or email canaries        |\n| `check_for_callbacks`        | Quick check for OOB callbacks                        |\n| `extract_links_from_request` | Extract URLs from captured requests                  |\n\n### Batch \u0026 Utility\n\n| Tool                     | Description                             |\n| ------------------------ | --------------------------------------- |\n| `send_multiple_requests` | Send batch of requests for load testing |\n| `export_webhook_data`    | Export all requests to JSON             |\n\n---\n\n## Examples\n\n### Create a Webhook\n\n```json\n// Response from create_webhook\n{\n  \"token\": \"abc123-def456-...\",\n  \"url\": \"https://webhook.site/abc123-def456-...\",\n  \"email\": \"abc123-def456-...@email.webhook.site\",\n  \"dns\": \"abc123-def456-....dnshook.site\"\n}\n```\n\n### Wait for Password Reset Email\n\n```json\n// Response from wait_for_email\n{\n  \"email_received\": true,\n  \"subject\": \"Password Reset Request\",\n  \"from\": \"noreply@example.com\",\n  \"links_found\": [\"https://example.com/reset?token=xyz789\"]\n}\n```\n\n### SSRF Testing Payload\n\n```json\n// Response from generate_ssrf_payload\n{\n  \"payloads\": {\n    \"http\": \"https://webhook.site/token?id=ssrf-test\",\n    \"dns\": \"ssrf-test.token.dnshook.site\",\n    \"ip_decimal\": \"http://2130706433/token\",\n    \"ip_hex\": \"http://0x7f000001/token\"\n  }\n}\n```\n\n---\n\n## Each Webhook Token Provides\n\n| Endpoint      | Format                         | Use Case                    |\n| ------------- | ------------------------------ | --------------------------- |\n| **HTTP URL**  | `https://webhook.site/{token}` | Capture HTTP/HTTPS requests |\n| **Subdomain** | `https://{token}.webhook.site` | Alternative URL format      |\n| **Email**     | `{token}@email.webhook.site`   | Capture incoming emails     |\n| **DNS**       | `{token}.dnshook.site`         | Capture DNS lookups         |\n\n---\n\n## Architecture\n\n```\nwebhook-mcp-server/\n├── server.py              # MCP entry point\n├── handlers/              # Tool routing layer\n├── services/              # Business logic\n│   ├── webhook_service.py # Webhook CRUD\n│   ├── request_service.py # Request management\n│   └── bugbounty_service.py # Security payloads\n├── models/                # Tool definitions \u0026 schemas\n└── utils/                 # HTTP client, logging, validation\n```\n\n### Key Features\n\n- **Async Architecture** - Non-blocking I/O for optimal performance\n- **Retry Logic** - Exponential backoff for transient failures\n- **Input Validation** - UUID validation, parameter sanitization\n- **Structured Logging** - JSON logs for debugging and monitoring\n- **Type Safety** - Full type hints throughout\n\n---\n\n## Development\n\n### Setup\n\n```bash\ngit clone https://github.com/zebbern/webhook-mcp-server.git\ncd webhook-mcp-server\npip install -e \".[dev]\"\n```\n\n### Run Tests\n\n```bash\npytest tests/ -v\n```\n\n### Run Locally\n\n```bash\npython server.py\n```\n\n---\n\n## Requirements\n\n- Python 3.10+\n- `mcp \u003e= 1.0.0`\n- `httpx \u003e= 0.25.0`\n\n---\n\n## Changelog\n\nSee [CHANGELOG.md](CHANGELOG.md) for version history.\n\n---\n\n## Contributing\n\nContributions are welcome! Here's how you can help:\n\n1. **Report bugs** - Open an issue describing the problem\n2. **Suggest features** - Open an issue with your idea\n3. **Submit PRs** - Fork the repo and submit a pull request\n\n### Development Setup\n\n```bash\ngit clone https://github.com/zebbern/webhook-mcp-server.git\ncd webhook-mcp-server\npip install -e \".[dev]\"\npytest tests/ -v\n```\n\n### Guidelines\n\n- Follow existing code style\n- Add tests for new features\n- Update documentation as needed\n- Keep PRs focused on a single change\n\n---\n\n## Credits\n- [Simon Fredsted (Founder of webhook.site)](https://github.com/fredsted)\n- [Official webhook.site open source repo](https://github.com/webhooksite/webhook.site)\n\nThis project is not affiliated with or endorsed by webhook.site\n\n## Links\n\n- 📦 [PyPI Package](https://pypi.org/project/webhook-mcp-server/)\n- 🐙 [GitHub Repository](https://github.com/zebbern/webhook-mcp-server)\n- 🌐 [webhook.site](https://webhook.site) - The service this MCP wraps\n- 📖 [Model Context Protocol](https://modelcontextprotocol.io/) - MCP specification\n\n\n---\n\n**Made with ❤️ for the MCP community**\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzebbern%2Fwebhook-mcp-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzebbern%2Fwebhook-mcp-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzebbern%2Fwebhook-mcp-server/lists"}