Tor Network Access
Provide AI agents with full Tor network access and dark web data through a zero-config OpenClaw skill or standalone tool.
What is Tor Network Access?
Tor Network Access is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to provide ai agents with full tor network access and dark web data through a zero-config openclaw skill or standalone tool.
Provide AI agents with full Tor network access and dark web data through a zero-config OpenClaw skill or standalone tool.
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- Provide AI agents with full Tor network access and dark web
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx onionclawConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Tor Network Access
OnionClaw is a Python-based toolkit that gives AI agents and security researchers full access to the Tor network and dark web hidden services, functioning either as an OpenClaw skill or a standalone set of command-line tools. It provides seven specialized scripts for verifying Tor connectivity, rotating exit circuits, health-checking 18 dark web search engines, querying them in parallel, fetching .onion pages, and running LLM-powered OSINT analysis across four specialized modes (threat intelligence, ransomware indicators, personal identity exposure, and corporate credential leaks). No LLM API key is required for the five non-analysis commands, making it suitable for privacy-preserving network research with fully local inference via Ollama.
Prerequisites
- Python 3.10 or higher
- Tor installed and running locally with SOCKS proxy on 127.0.0.1:9050
- Python packages: requests[socks], beautifulsoup4, python-dotenv, stem
- Optional: LLM API key (OpenAI, Anthropic, Google Gemini) or Ollama for local inference — required only for ask.py and pipeline.py
- OpenClaw (for skill-based installation) or standalone terminal usage
Install Tor on your system
OnionClaw requires a running Tor daemon listening on the default SOCKS port 9050. Install it via your system package manager and start it.
# macOS
brew install tor && tor &
# Linux (Debian/Ubuntu)
apt install tor && tor &Clone OnionClaw and install dependencies
Clone the repository and install the required Python packages. The requests[socks] extra is critical for routing traffic through Tor's SOCKS5 proxy.
git clone https://github.com/JacobJandon/OnionClaw
cd OnionClaw
pip install requests[socks] beautifulsoup4 python-dotenv stemConfigure environment variables
Copy the example .env file and edit it with your Tor settings. The defaults work for standard Tor installations. Add an LLM API key only if you plan to use ask.py or pipeline.py.
cp .env.example .env
# Edit .env — defaults work for standard Tor:
# TOR_SOCKS_HOST=127.0.0.1
# TOR_SOCKS_PORT=9050
# TOR_CONTROL_HOST=127.0.0.1
# TOR_CONTROL_PORT=9051
# Optional for analysis:
# LLM_PROVIDER=openai
# OPENAI_API_KEY=sk-...Verify Tor connectivity
Run the check_tor script to confirm your Tor daemon is reachable and traffic is routing correctly. It displays your Tor exit IP to confirm anonymization is active.
python3 check_tor.pySearch the dark web
Use search.py to query multiple dark web search engines simultaneously. Specify one or more engine names from the 18 supported engines.
python3 search.py --query "ransomware healthcare" --engines Ahmia Tor66Run full automated OSINT pipeline
The pipeline.py script combines searching, fetching, and LLM analysis into an end-to-end investigation workflow. Specify a query, analysis mode, and output file.
python3 pipeline.py --query "hospital ransomware 2026" --mode ransomware --out report.mdTor Network Access Examples
Client configuration (Claude Desktop)
Register OnionClaw as an MCP server in Claude Desktop. The server runs Python scripts from the cloned directory.
{
"mcpServers": {
"onionclaw": {
"command": "python3",
"args": ["/path/to/OnionClaw/mcp_server.py"],
"env": {
"TOR_SOCKS_HOST": "127.0.0.1",
"TOR_SOCKS_PORT": "9050",
"OPENAI_API_KEY": "sk-your-key-for-analysis"
}
}
}
}Prompts to try
Use these prompts for OSINT research tasks via Tor network access.
- "Check Tor connectivity and show me the current exit node IP"
- "Search dark web for mentions of ransomware targeting hospitals using Ahmia and Tor66"
- "Fetch and analyze this .onion page for threat intelligence indicators"
- "Run a ransomware OSINT pipeline for the query 'healthcare data breach 2026'"
- "Rotate the Tor circuit to get a new exit IP"
- "Check which of the 18 dark web search engines are currently online"Troubleshooting Tor Network Access
check_tor.py fails with connection refused or SOCKS proxy error
Ensure the Tor daemon is running: `ps aux | grep tor` on macOS/Linux. On macOS run `tor &` or `brew services start tor`. Verify TOR_SOCKS_PORT=9050 in your .env matches Tor's actual SocksPort (check /etc/tor/torrc or ~/.torrc).
renew.py fails to rotate the Tor circuit
Circuit rotation requires the Tor control port (9051) to be enabled and accessible. Edit your torrc file to add `ControlPort 9051` and optionally set `CookieAuthentication 1`. Restart Tor after changing torrc. Set TOR_CONTROL_PASSWORD in .env if you configured a hashed password.
ask.py or pipeline.py fails with LLM provider error
Verify your LLM_PROVIDER and corresponding API key are set in .env. Valid providers are: openai, anthropic, gemini, ollama, llamacpp. For fully local inference without API costs, set LLM_PROVIDER=ollama and ensure Ollama is running locally with a model pulled (e.g. `ollama pull llama3`).
Frequently Asked Questions about Tor Network Access
What is Tor Network Access?
Tor Network Access is a Model Context Protocol (MCP) server that provide ai agents with full tor network access and dark web data through a zero-config openclaw skill or standalone tool. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Tor Network Access?
Follow the installation instructions on the Tor Network Access GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Tor Network Access?
Tor Network Access works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Tor Network Access free to use?
Yes, Tor Network Access is open source and available under the NOASSERTION license. You can use it freely in both personal and commercial projects.
Tor Network Access Alternatives — Similar Security Servers
Looking for alternatives to Tor Network Access? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Tor Network Access in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Tor Network Access?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.