admin/redc
1
0
Fork 0
mirror of https://github.com/wgpsec/redc.git synced 2026-01-24 12:43:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add MCP documentation and update README files

Browse Source 
Co-authored-by: No-Github <18167071+No-Github@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-01-23 11:59:07 +00:00
parent cd24438eb9
commit b7eee749f6
6 changed files with 702 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -15,4 +15,5 @@ dist/
out
redc-taskresult
redc.log
red-cloud
red-cloud
redc

295
MCP.md Normal file
View File

@@ -0,0 +1,295 @@
# MCP (Model Context Protocol) Support
[中文](MCP_CN.md) | English
---
## Overview
redc now supports the Model Context Protocol (MCP), which allows AI assistants and automation tools to interact with redc's infrastructure management capabilities programmatically.
MCP support enables:
- **AI-driven infrastructure management**: Let AI assistants help you deploy and manage red team infrastructure
- **Automated workflows**: Integrate redc with AI tools and automation platforms
- **Programmatic access**: Control redc through a standardized JSON-RPC protocol
- **Multi-modal integration**: Works with various AI clients via STDIO or SSE transports
## Features
The redc MCP server exposes the following capabilities:
### Tools (Actions)
1. **list_templates** - List all available redc templates/images
2. **list_cases** - List all running cases in the current project
3. **create_case** - Create a new case from a template
4. **start_case** - Start a case by ID
5. **stop_case** - Stop a running case by ID
6. **kill_case** - Kill (destroy) a case by ID
7. **get_case_status** - Get the status of a specific case
8. **exec_command** - Execute a command on a case
### Resources
1. **redc://templates** - JSON list of available templates
2. **redc://cases** - JSON list of all cases in the current project
3. **redc://config** - Current redc configuration
## Transport Modes
redc MCP server supports two transport modes:
### 1. STDIO Transport
STDIO mode is ideal for local integration with AI assistants and tools. The server reads JSON-RPC requests from stdin and writes responses to stdout.
**Usage:**
```bash
redc mcp stdio
```
This mode is perfect for:
- Claude Desktop integration
- Local AI assistant tools
- Development and testing
- Pipeline automation
### 2. SSE (Server-Sent Events) Transport
SSE mode runs an HTTP server that can handle multiple clients and provides a web-accessible endpoint.
**Usage:**
```bash
# Default address (localhost:8080)
redc mcp sse
# Custom address
redc mcp sse localhost:9000
# Listen on all interfaces
redc mcp sse 0.0.0.0:8080
# Short form (port only)
redc mcp sse :8080
```
The SSE server exposes three endpoints:
- `GET /` - Server information
- `POST /message` - Send JSON-RPC messages (recommended)
- `GET /sse` - SSE streaming endpoint
This mode is perfect for:
- Web-based AI clients
- Remote access
- Multi-user environments
- Production deployments
## Usage Examples
### Initialize MCP Protocol
When connecting to the MCP server, the client must first send an `initialize` request:
```json
{
"jsonrpc": "2.0",
"id": 1,
"method": "initialize",
"params": {}
}
```
Response:
```json
{
"jsonrpc": "2.0",
"id": 1,
"result": {
"protocolVersion": "2024-11-05",
"capabilities": {
"tools": {},
"resources": {}
},
"serverInfo": {
"name": "redc",
"version": "1.x.x"
}
}
}
```
### List Available Tools
```json
{
"jsonrpc": "2.0",
"id": 2,
"method": "tools/list"
}
```
### Create a Case
```json
{
"jsonrpc": "2.0",
"id": 3,
"method": "tools/call",
"params": {
"name": "create_case",
"arguments": {
"template": "aliyun/ecs",
"name": "my-test-case",
"env": {
"region": "cn-hangzhou"
}
}
}
}
```
### Start a Case
```json
{
"jsonrpc": "2.0",
"id": 4,
"method": "tools/call",
"params": {
"name": "start_case",
"arguments": {
"case_id": "8a57078ee856"
}
}
}
```
### Execute a Command
```json
{
"jsonrpc": "2.0",
"id": 5,
"method": "tools/call",
"params": {
"name": "exec_command",
"arguments": {
"case_id": "8a57078ee856",
"command": "whoami"
}
}
}
```
### Read Resources
```json
{
"jsonrpc": "2.0",
"id": 6,
"method": "resources/read",
"params": {
"uri": "redc://cases"
}
}
```
## Integration with AI Assistants
### Claude Desktop
Add to your Claude Desktop configuration (`~/Library/Application Support/Claude/claude_desktop_config.json` on macOS):
```json
{
"mcpServers": {
"redc": {
"command": "/path/to/redc",
"args": ["mcp", "stdio"],
"env": {
"REDC_PROJECT": "default"
}
}
}
}
```
### Using curl with SSE mode
```bash
# Start the SSE server
redc mcp sse localhost:8080
# In another terminal, send requests
curl -X POST http://localhost:8080/message \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "tools/list"
}'
```
## Configuration
The MCP server uses the same configuration as the redc CLI:
- **Project**: Use `--project` flag to specify the project (default: "default")
- **User**: Use `--user` flag to specify the operator (default: "system")
- **Config file**: Use `--config` flag to specify a custom config file
- **Debug mode**: Use `--debug` flag to enable debug logging
Example:
```bash
redc mcp sse --project myproject --user alice --debug
```
## Security Considerations
### STDIO Mode
- Runs locally with the same permissions as the user running redc
- No network exposure
- Safe for local development
### SSE Mode
- Exposes HTTP endpoints on the network
- **WARNING**: No authentication by default
- Recommended to:
- Bind to localhost only (default)
- Use firewall rules to restrict access
- Deploy behind a reverse proxy with authentication
- Use VPN or SSH tunnels for remote access
## Troubleshooting
### Server won't start
- Check if the port is already in use
- Verify redc configuration is valid
- Ensure templates directory exists
### Commands fail
- Verify the case ID is correct
- Check case status before executing commands
- Ensure SSH connectivity to the case
- Check redc logs for detailed error messages
### Connection issues
- For STDIO: Check that JSON-RPC messages are properly formatted
- For SSE: Verify the server is running and accessible
- Use `--debug` flag for verbose logging
## Protocol Version
redc implements MCP protocol version **2024-11-05**.
## Additional Resources
- [MCP Specification](https://modelcontextprotocol.io/)
- [redc Documentation](README.md)
- [Template Repository](https://github.com/wgpsec/redc-template)
## Support
For issues or questions:
- GitHub Issues: https://github.com/wgpsec/redc/issues
- Discussions: https://github.com/wgpsec/redc/discussions

295
MCP_CN.md Normal file
View File

@@ -0,0 +1,295 @@
# MCP (模型上下文协议) 支持
中文 | [English](MCP.md)
---
## 概述
redc 现已支持模型上下文协议MCP允许 AI 助手和自动化工具通过编程方式与 redc 的基础设施管理功能进行交互。
MCP 支持实现了:
- **AI 驱动的基础设施管理**:让 AI 助手帮助您部署和管理红队基础设施
- **自动化工作流**:将 redc 与 AI 工具和自动化平台集成
- **编程访问**:通过标准化的 JSON-RPC 协议控制 redc
- **多模式集成**:通过 STDIO 或 SSE 传输与各种 AI 客户端协同工作
## 功能特性
redc MCP 服务器提供以下能力:
### 工具(操作)
1. **list_templates** - 列出所有可用的 redc 模板/镜像
2. **list_cases** - 列出当前项目中的所有场景
3. **create_case** - 从模板创建新场景
4. **start_case** - 通过 ID 启动场景
5. **stop_case** - 通过 ID 停止运行中的场景
6. **kill_case** - 通过 ID 销毁场景
7. **get_case_status** - 获取特定场景的状态
8. **exec_command** - 在场景上执行命令
### 资源
1. **redc://templates** - 可用模板的 JSON 列表
2. **redc://cases** - 当前项目中所有场景的 JSON 列表
3. **redc://config** - 当前 redc 配置
## 传输模式
redc MCP 服务器支持两种传输模式:
### 1. STDIO 传输
STDIO 模式非常适合与本地 AI 助手和工具集成。服务器从 stdin 读取 JSON-RPC 请求并将响应写入 stdout。
**使用方式:**
```bash
redc mcp stdio
```
此模式适用于:
- Claude Desktop 集成
- 本地 AI 助手工具
- 开发和测试
- 管道自动化
### 2. SSE服务器发送事件传输
SSE 模式运行一个 HTTP 服务器,可以处理多个客户端并提供可通过 Web 访问的端点。
**使用方式:**
```bash
# 默认地址localhost:8080
redc mcp sse
# 自定义地址
redc mcp sse localhost:9000
# 监听所有接口
redc mcp sse 0.0.0.0:8080
# 简写形式(仅端口)
redc mcp sse :8080
```
SSE 服务器提供三个端点:
- `GET /` - 服务器信息
- `POST /message` - 发送 JSON-RPC 消息(推荐)
- `GET /sse` - SSE 流式端点
此模式适用于:
- 基于 Web 的 AI 客户端
- 远程访问
- 多用户环境
- 生产部署
## 使用示例
### 初始化 MCP 协议
连接到 MCP 服务器时,客户端必须首先发送 `initialize` 请求:
```json
{
"jsonrpc": "2.0",
"id": 1,
"method": "initialize",
"params": {}
}
```
响应:
```json
{
"jsonrpc": "2.0",
"id": 1,
"result": {
"protocolVersion": "2024-11-05",
"capabilities": {
"tools": {},
"resources": {}
},
"serverInfo": {
"name": "redc",
"version": "1.x.x"
}
}
}
```
### 列出可用工具
```json
{
"jsonrpc": "2.0",
"id": 2,
"method": "tools/list"
}
```
### 创建场景
```json
{
"jsonrpc": "2.0",
"id": 3,
"method": "tools/call",
"params": {
"name": "create_case",
"arguments": {
"template": "aliyun/ecs",
"name": "my-test-case",
"env": {
"region": "cn-hangzhou"
}
}
}
}
```
### 启动场景
```json
{
"jsonrpc": "2.0",
"id": 4,
"method": "tools/call",
"params": {
"name": "start_case",
"arguments": {
"case_id": "8a57078ee856"
}
}
}
```
### 执行命令
```json
{
"jsonrpc": "2.0",
"id": 5,
"method": "tools/call",
"params": {
"name": "exec_command",
"arguments": {
"case_id": "8a57078ee856",
"command": "whoami"
}
}
}
```
### 读取资源
```json
{
"jsonrpc": "2.0",
"id": 6,
"method": "resources/read",
"params": {
"uri": "redc://cases"
}
}
```
## 与 AI 助手集成
### Claude Desktop
将以下内容添加到您的 Claude Desktop 配置文件macOS 上位于 `~/Library/Application Support/Claude/claude_desktop_config.json`
```json
{
"mcpServers": {
"redc": {
"command": "/path/to/redc",
"args": ["mcp", "stdio"],
"env": {
"REDC_PROJECT": "default"
}
}
}
}
```
### 使用 curl 配合 SSE 模式
```bash
# 启动 SSE 服务器
redc mcp sse localhost:8080
# 在另一个终端中发送请求
curl -X POST http://localhost:8080/message \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "tools/list"
}'
```
## 配置
MCP 服务器使用与 redc CLI 相同的配置:
- **项目**:使用 `--project` 标志指定项目(默认:"default"
- **用户**:使用 `--user` 标志指定操作者(默认:"system"
- **配置文件**:使用 `--config` 标志指定自定义配置文件
- **调试模式**:使用 `--debug` 标志启用调试日志
示例:
```bash
redc mcp sse --project myproject --user alice --debug
```
## 安全注意事项
### STDIO 模式
- 在本地运行,具有与运行 redc 的用户相同的权限
- 无网络暴露
- 适合本地开发
### SSE 模式
- 在网络上暴露 HTTP 端点
- **警告**:默认情况下没有身份验证
- 建议:
- 仅绑定到 localhost默认
- 使用防火墙规则限制访问
- 部署在带有身份验证的反向代理后面
- 使用 VPN 或 SSH 隧道进行远程访问
## 故障排除
### 服务器无法启动
- 检查端口是否已被占用
- 验证 redc 配置是否有效
- 确保模板目录存在
### 命令执行失败
- 验证场景 ID 是否正确
- 在执行命令前检查场景状态
- 确保可以通过 SSH 连接到场景
- 检查 redc 日志以获取详细错误信息
### 连接问题
- STDIO 模式:检查 JSON-RPC 消息格式是否正确
- SSE 模式:验证服务器是否正在运行且可访问
- 使用 `--debug` 标志获取详细日志
## 协议版本
redc 实现 MCP 协议版本 **2024-11-05**
## 其他资源
- [MCP 规范](https://modelcontextprotocol.io/)
- [redc 文档](README_CN.md)
- [模板仓库](https://github.com/wgpsec/redc-template)
## 支持
如有问题或疑问:
- GitHub Issueshttps://github.com/wgpsec/redc/issues
- Discussionshttps://github.com/wgpsec/redc/discussions

55
README.md
View File

@@ -34,6 +34,7 @@
- **[User Guide](README.md)** - Complete installation and usage guide
- **[AI Operations Skills](SKILLS.md)** - Comprehensive guide for AI agents and automation tools
- **[MCP Protocol Support](MCP.md)** - Model Context Protocol integration for AI assistants
- **[Template Repository](https://github.com/wgpsec/redc-template)** - Pre-configured infrastructure templates
- **[Online Templates](https://redc.wgpsec.org/)** - Browse and download templates
@@ -334,6 +335,60 @@ This requires template support for changes, can switch elastic public IP
redc change [caseid]
````
## MCP (Model Context Protocol) Support
redc now supports the Model Context Protocol, enabling seamless integration with AI assistants and automation tools.
### Key Features
- **Two Transport Modes**: STDIO for local integration and SSE for web-based access
- **Comprehensive Tools**: Create, manage, and execute commands on infrastructure
- **AI-Friendly**: Works with Claude Desktop, custom AI tools, and automation platforms
- **Secure**: STDIO runs locally with no network exposure; SSE can be restricted to localhost
### Quick Start
**Start STDIO Server** (for Claude Desktop integration):
```bash
redc mcp stdio
```
**Start SSE Server** (for web-based clients):
```bash
# Default (localhost:8080)
redc mcp sse
# Custom port
redc mcp sse localhost:9000
```
### Available Tools
- `list_templates` - List all available templates
- `list_cases` - List all cases in the project
- `create_case` - Create a new case from template
- `start_case` / `stop_case` / `kill_case` - Manage case lifecycle
- `get_case_status` - Check case status
- `exec_command` - Execute commands on cases
### Example: Integrate with Claude Desktop
Add to `~/Library/Application Support/Claude/claude_desktop_config.json`:
```json
{
"mcpServers": {
"redc": {
"command": "/path/to/redc",
"args": ["mcp", "stdio"]
}
}
}
```
For detailed documentation, see **[MCP.md](MCP.md)**.
---
## Compose Orchestration Service WIP
redc provides an orchestration service

55
README_CN.md
View File

@@ -34,6 +34,7 @@
- **[使用指南](README_CN.md)** - 完整的安装和使用指南
- **[AI 运维 Skills](SKILLS_CN.md)** - AI 代理和自动化工具的综合指南
- **[MCP 协议支持](MCP_CN.md)** - AI 助手的模型上下文协议集成
- **[模板仓库](https://github.com/wgpsec/redc-template)** - 预配置的基础设施模板
- **[在线模板](https://redc.wgpsec.org/)** - 浏览和下载模板
@@ -342,6 +343,60 @@ redc cp [caseid]:/root/test.txt ./
redc change [caseid]
````
## MCP模型上下文协议支持
redc 现已支持模型上下文协议,可与 AI 助手和自动化工具无缝集成。
### 主要特性
- **两种传输模式**STDIO 用于本地集成SSE 用于基于 Web 的访问
- **全面的工具**:创建、管理和在基础设施上执行命令
- **AI 友好**:支持 Claude Desktop、自定义 AI 工具和自动化平台
- **安全性**STDIO 在本地运行无网络暴露SSE 可限制为 localhost
### 快速开始
**启动 STDIO 服务器**(用于 Claude Desktop 集成):
```bash
redc mcp stdio
```
**启动 SSE 服务器**(用于基于 Web 的客户端):
```bash
# 默认localhost:8080
redc mcp sse
# 自定义端口
redc mcp sse localhost:9000
```
### 可用工具
- `list_templates` - 列出所有可用模板
- `list_cases` - 列出项目中的所有场景
- `create_case` - 从模板创建新场景
- `start_case` / `stop_case` / `kill_case` - 管理场景生命周期
- `get_case_status` - 检查场景状态
- `exec_command` - 在场景上执行命令
### 示例:与 Claude Desktop 集成
添加到 `~/Library/Application Support/Claude/claude_desktop_config.json`
```json
{
"mcpServers": {
"redc": {
"command": "/path/to/redc",
"args": ["mcp", "stdio"]
}
}
}
```
详细文档请参阅 **[MCP_CN.md](MCP_CN.md)**。
---
## 编排服务compose WIP
redc 提供了一个编排服务

BIN
redc
View File

Binary file not shown.