# Xray MCP Server
This is an enhanced MCP (Model Context Protocol) server that provides xray vulnerability scanning capabilities for ModelScope hosting.
## Features
- **xray_scan**: Perform vulnerability scans on target URLs
  - Support for basic-crawler and phantasm-crawler scan types
  - Configurable timeout
  - Plugin and POC support
  - JSON output with detailed results
- **xray_version**: Get xray version information
- **xray_start_proxy**: Start xray in passive proxy mode (planned)
  - Configurable proxy port
  - Real-time vulnerability detection
- **xray_stop_proxy**: Stop the running xray proxy (planned)
- **xray_service_scan**: Scan services on non-HTTP targets (planned)
  - Port range scanning
  - Service detection
## Installation
1. Install Python 3.7+
2. Install xray from https://github.com/chaitin/xray
3. Set the XRAY_PATH environment variable to point to your xray binary:
```bash
export XRAY_PATH=/path/to/xray
```
## Configuration
Environment variables:
- `XRAY_PATH`: Path to xray binary (default: "xray")
- `XRAY_CONFIG_DIR`: Configuration directory (default: "~/.xray-mcp")
- `XRAY_OUTPUT_DIR`: Output directory for scan results (default: system temp)
## Usage
### For ModelScope MCP
This server is designed to work with ModelScope's MCP platform. The server implements the MCP protocol and can be integrated into the ModelScope ecosystem.
### Standalone Usage
Run the server:
```bash
python server.py
```
The server reads JSON-RPC requests from stdin and writes responses to stdout.
### Example Request
```json
{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "xray_scan",
    "arguments": {
      "target": "http://example.com",
      "scan_type": "basic-crawler",
      "timeout": 300
    }
  }
}
```
## Available Tools
### xray_scan
Performs a vulnerability scan on a target URL.
Parameters:
- `target` (required): The target URL to scan
- `scan_type` (optional): Type of scan - "basic-crawler" or "phantasm-crawler" (default: "basic-crawler")
- `timeout` (optional): Scan timeout in seconds (default: 300)
- `plugins` (optional): Comma-separated list of plugins to use
- `poc` (optional): POC to use for scanning
### xray_version
Gets the version information of the installed xray scanner.
No parameters required.
### xray_start_proxy (Planned)
Starts xray in passive proxy mode for real-time scanning.
Parameters:
- `port` (optional): Proxy port to listen on (default: 7777)
### xray_stop_proxy (Planned)
Stops the running xray proxy.
No parameters required.
### xray_service_scan (Planned)
Scans services on non-HTTP targets.
Parameters:
- `target` (required): The target host/IP to scan
- `port_range` (optional): Port range to scan (default: "1-65535")
- `timeout` (optional): Scan timeout in seconds (default: 300)
## Security Considerations
- The server executes xray with user-provided URLs
- Implement appropriate access controls when deploying
- Consider rate limiting for production use
- Validate and sanitize all inputs
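
One way to apply the input-validation and access-control points above to `xray_scan` arguments, as an added sketch that is not this project's code. The names `validate_scan_args`, `InvalidArguments`, `allowed_hosts`, `MAX_TIMEOUT` and the plugin/POC name pattern are assumptions for illustration; the parameter names, defaults and scan types are the ones documented in this README.

```python
import re
from urllib.parse import urlsplit

SCAN_TYPES = {"basic-crawler", "phantasm-crawler"}  # values documented in this README
MAX_TIMEOUT = 3600                                   # assumed ceiling, in seconds
NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]*")   # assumed shape of plugin/POC names


class InvalidArguments(ValueError):
    """Raised when a tools/call request must be rejected before xray runs."""


def _names(value, field):
    # Comma-separated identifiers only: no paths, whitespace or leading dashes.
    if value is None:
        return None
    names = [n.strip() for n in value.split(",")] if isinstance(value, str) else [""]
    if not all(NAME_RE.fullmatch(n) for n in names):
        raise InvalidArguments(f"{field}: invalid name")
    return ",".join(names)


def validate_scan_args(args, allowed_hosts):
    """Return normalized xray_scan arguments or raise InvalidArguments."""
    target = args.get("target")
    if not isinstance(target, str) or not target.isprintable() or " " in target:
        raise InvalidArguments("target: must be a printable string without spaces")
    try:
        url = urlsplit(target)
        url.port  # accessing .port raises ValueError on a malformed port
    except ValueError:
        raise InvalidArguments("target: malformed URL") from None
    if url.scheme not in ("http", "https"):  # also rejects option-like values
        raise InvalidArguments("target: only http and https are accepted")
    if url.username is not None or url.password is not None:
        raise InvalidArguments("target: embedded credentials are not accepted")
    if url.hostname not in allowed_hosts:
        raise InvalidArguments("target: host is not in the authorized scope")

    scan_type = args.get("scan_type", "basic-crawler")
    if not isinstance(scan_type, str) or scan_type not in SCAN_TYPES:
        raise InvalidArguments("scan_type: unknown value")
    timeout = args.get("timeout", 300)
    if type(timeout) is not int or not 1 <= timeout <= MAX_TIMEOUT:
        raise InvalidArguments("timeout: must be an integer from 1 to MAX_TIMEOUT")
    return {"target": target, "scan_type": scan_type, "timeout": timeout,
            "plugins": _names(args.get("plugins"), "plugins"),
            "poc": _names(args.get("poc"), "poc")}
```

Pass the returned values to xray as separate argv elements (a list given to `subprocess.run`, with no shell) so they are never re-parsed as options or shell syntax.
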
## License
MIT License