tor_check
Check if an IP address is a Tor exit node to identify anonymous network connections in security research.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| ip | Yes | IP address to check for Tor node status |
Implementation Reference
- src/tools/threat.ts:29-43 (handler)The handler implementation for the `tor_check` tool within `ThreatIntelClient`. It queries the Tor Project's Onionoo API to check if the provided IP is a known Tor relay or exit node.
async isTorNode(ip: string): Promise<any> { try { const response = await fetch(`https://onionoo.torproject.org/details?search=${ip}`); const data = await response.json() as any; const isExit = data.relays?.some((r: any) => r.exit_policy_summary); return { ip, isTorNode: data.relays?.length > 0, isExitNode: isExit || false, details: data.relays?.[0] }; } catch (error) { throw new McpError(ErrorCode.InternalError, `Tor Check error: ${(error as Error).message}`); } } - src/index.ts:652-661 (registration)Registration of the `tor_check` tool in `src/index.ts`. It takes an `ip` parameter and calls the `threatClient.isTorNode` method.
server.tool( "tor_check", { ip: z.string().describe("IP address to check for Tor node status") }, async ({ ip }) => { const result = await threatClient.isTorNode(ip); return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }], }; } );