Grok HTTP Server
FreeNot checkedEnables Grok to send arbitrary HTTP requests with cookie session persistence and redirect tracking, designed for web/CTF scenarios.
About
Enables Grok to send arbitrary HTTP requests with cookie session persistence and redirect tracking, designed for web/CTF scenarios.
README
基于 Cloudflare Workers 的 MCP 服务器,为 Grok 提供底层 HTTP 能力,适用于 Web/CTF 场景:任意请求、Cookie 会话持久化、重定向追踪与结构化响应。
功能特性
http_request— 发送任意 HTTP 方法,完全控制 URL、Header、Body、Cookiehttp_session— 管理命名 Cookie 容器(default、victim、attacker等)- 会话持久化 — 通过 Durable Objects 跨多次 tool call 保持 Cookie
- 双传输协议 — Streamable HTTP(
/mcp)与旧版 SSE(/sse) - 默认无鉴权 — 便于 CTF/测试快速接入(见下方安全说明)
快速开始
npm install
npx wrangler login
npm run dev
健康检查:http://127.0.0.1:8787/health
部署:
npm run deploy
部署完成后会显示 Worker 地址(例如 https://grok2web.<account>.workers.dev)。
Grok 自定义连接器
- 打开 grok.com/connectors
- 点击 New Connector → Custom(新建连接器 → 自定义)
- 填入以下 URL 之一:
- 推荐:
https://<your-worker>.workers.dev/mcp - SSE 兼容:
https://<your-worker>.workers.dev/sse
- 推荐:
- 填写名称(如
Grok HTTP MCP)并保存
Grok 会自动发现 http_request 和 http_session 两个工具。
工具说明
http_request
{
"method": "POST",
"url": "https://target.example/login",
"headers": { "Content-Type": "application/x-www-form-urlencoded" },
"body": "user=admin&pass=test",
"http_session_id": "default",
"follow_redirects": true,
"timeout_ms": 30000
}
返回字段包括:status、headers、cookies_set、cookies_jar、body、redirect_chain、timing_ms。
http_session
| action | 说明 |
|---|---|
list |
列出所有会话及 Cookie 数量 |
create |
创建命名空 Cookie 容器 |
reset |
清空指定会话的 Cookie |
get_cookies |
读取全部 Cookie(含 domain/path 元数据) |
set_cookies |
手动注入 Cookie |
delete |
删除命名会话(不可删除 default) |
CTF 示例流程
步骤 1 — 设置 Cookie:
{
"method": "GET",
"url": "https://httpbin.org/cookies/set?session=abc123"
}
步骤 2 — 验证持久化:
{
"method": "GET",
"url": "https://httpbin.org/cookies"
}
第二次请求会自动携带 session=abc123。
并行会话(多角色攻击链):
{ "action": "create", "session_id": "victim" }
之后在 http_request 中使用 "http_session_id": "victim"。
本地测试
npm run verify # MCP + Cookie 持久化测试
npx @modelcontextprotocol/inspector
连接 http://127.0.0.1:8787/mcp,在 UI 中调用工具。
安全说明
当前部署无鉴权。任何知道 URL 的人均可通过 Worker 发送 HTTP 请求。仅建议用于 CTF 实验和测试环境;生产使用前请添加 API Key 或 OAuth。
项目结构
src/
├── index.ts # /mcp、/sse、/health 路由
├── mcp-agent.ts # GrokHttpMCP(McpAgent + DO 状态)
├── tools/
│ ├── http-request.ts
│ └── http-session.ts
└── lib/
├── cookie-jar.ts
├── http-client.ts
├── response-format.ts
└── session-store.ts
许可证
本项目采用 GNU General Public License v3.0 或更高版本 授权。
Installing Grok HTTP Server
This server has no published package — it is built from source. Open the repository and follow its README.
▸ github.com/LING71671/grok2webFAQ
Is Grok HTTP Server MCP free?
Yes, Grok HTTP Server MCP is free — one-click install via Unyly at no cost.
Does Grok HTTP Server need an API key?
No, Grok HTTP Server runs without API keys or environment variables.
Is Grok HTTP Server hosted or self-hosted?
A hosted option is available: Unyly runs the server in the cloud, no local setup required.
How do I install Grok HTTP Server in Claude Desktop, Claude Code or Cursor?
Open Grok HTTP Server on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
GitHub
PRs, issues, code search, CI status
by GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
by mcpdotdirectCompare Grok HTTP Server with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All development MCPs
