Command Palette

Search for a command to run...

UnylyUnyly
Browse all

Grok HTTP Server

FreeNot checked

Enables Grok to send arbitrary HTTP requests with cookie session persistence and redirect tracking, designed for web/CTF scenarios.

GitHubEmbed

About

Enables Grok to send arbitrary HTTP requests with cookie session persistence and redirect tracking, designed for web/CTF scenarios.

README

License: GPL v3

English

基于 Cloudflare Workers 的 MCP 服务器,为 Grok 提供底层 HTTP 能力,适用于 Web/CTF 场景:任意请求、Cookie 会话持久化、重定向追踪与结构化响应。

功能特性

  • http_request — 发送任意 HTTP 方法,完全控制 URL、Header、Body、Cookie
  • http_session — 管理命名 Cookie 容器(defaultvictimattacker 等)
  • 会话持久化 — 通过 Durable Objects 跨多次 tool call 保持 Cookie
  • 双传输协议 — Streamable HTTP(/mcp)与旧版 SSE(/sse
  • 默认无鉴权 — 便于 CTF/测试快速接入(见下方安全说明)

快速开始

npm install
npx wrangler login
npm run dev

健康检查:http://127.0.0.1:8787/health

部署:

npm run deploy

部署完成后会显示 Worker 地址(例如 https://grok2web.<account>.workers.dev)。

Grok 自定义连接器

  1. 打开 grok.com/connectors
  2. 点击 New ConnectorCustom(新建连接器 → 自定义)
  3. 填入以下 URL 之一:
    • 推荐: https://<your-worker>.workers.dev/mcp
    • SSE 兼容: https://<your-worker>.workers.dev/sse
  4. 填写名称(如 Grok HTTP MCP)并保存

Grok 会自动发现 http_requesthttp_session 两个工具。

工具说明

http_request

{
  "method": "POST",
  "url": "https://target.example/login",
  "headers": { "Content-Type": "application/x-www-form-urlencoded" },
  "body": "user=admin&pass=test",
  "http_session_id": "default",
  "follow_redirects": true,
  "timeout_ms": 30000
}

返回字段包括:statusheaderscookies_setcookies_jarbodyredirect_chaintiming_ms

http_session

action 说明
list 列出所有会话及 Cookie 数量
create 创建命名空 Cookie 容器
reset 清空指定会话的 Cookie
get_cookies 读取全部 Cookie(含 domain/path 元数据)
set_cookies 手动注入 Cookie
delete 删除命名会话(不可删除 default

CTF 示例流程

步骤 1 — 设置 Cookie:

{
  "method": "GET",
  "url": "https://httpbin.org/cookies/set?session=abc123"
}

步骤 2 — 验证持久化:

{
  "method": "GET",
  "url": "https://httpbin.org/cookies"
}

第二次请求会自动携带 session=abc123

并行会话(多角色攻击链):

{ "action": "create", "session_id": "victim" }

之后在 http_request 中使用 "http_session_id": "victim"

本地测试

npm run verify                    # MCP + Cookie 持久化测试
npx @modelcontextprotocol/inspector

连接 http://127.0.0.1:8787/mcp,在 UI 中调用工具。

安全说明

当前部署无鉴权。任何知道 URL 的人均可通过 Worker 发送 HTTP 请求。仅建议用于 CTF 实验和测试环境;生产使用前请添加 API Key 或 OAuth。

项目结构

src/
├── index.ts           # /mcp、/sse、/health 路由
├── mcp-agent.ts       # GrokHttpMCP(McpAgent + DO 状态)
├── tools/
│   ├── http-request.ts
│   └── http-session.ts
└── lib/
    ├── cookie-jar.ts
    ├── http-client.ts
    ├── response-format.ts
    └── session-store.ts

许可证

本项目采用 GNU General Public License v3.0 或更高版本 授权。

from github.com/LING71671/grok2web

Installing Grok HTTP Server

This server has no published package — it is built from source. Open the repository and follow its README.

▸ github.com/LING71671/grok2web

FAQ

Is Grok HTTP Server MCP free?

Yes, Grok HTTP Server MCP is free — one-click install via Unyly at no cost.

Does Grok HTTP Server need an API key?

No, Grok HTTP Server runs without API keys or environment variables.

Is Grok HTTP Server hosted or self-hosted?

A hosted option is available: Unyly runs the server in the cloud, no local setup required.

How do I install Grok HTTP Server in Claude Desktop, Claude Code or Cursor?

Open Grok HTTP Server on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.

Related MCPs

Compare Grok HTTP Server with

Not sure what to pick?

Find your stack in 60 seconds

Author?

Embed badge for your README

Browse similar

All development MCPs