Extend Rikune with built-in or custom plugins — each plugin registers MCP tools with the server. 通过内置或自定义插件扩展 Rikune — 每个插件都向服务器注册 MCP 工具。
Rikune's plugin system allows modular registration of MCP tools. Each plugin exports a register() function that receives the server context and registers tools, hooks, and lifecycle callbacks.
Rikune 的插件系统允许模块化注册 MCP 工具。每个插件导出一个 register() 函数,接收服务器上下文并注册工具、钩子和生命周期回调。
| Plugin插件 | Tools工具数 | Description描述 |
|---|---|---|
pe-analysis |
12 | Core PE parsing — headers, imports, exports, sections, resources核心 PE 解析 — 头信息、导入、导出、节、资源 |
ghidra |
8 | Ghidra decompilation, function listing, CFG, xrefsGhidra 反编译、函数列表、CFG、交叉引用 |
detection |
6 | capa, DIE, YARA scanning, compiler/packer identificationcapa、DIE、YARA 扫描、编译器/加壳识别 |
dynamic |
24 | Runtime status, runtime toolkit inventory, deep dynamic planning, CDB, ProcDump, telemetry, network lab, managed runtime, and GUI handoff planning, runtime persona planning, behavior diffing, Hyper-V control, Sandbox/Hyper-V behavior capture, Frida, Qiling, angr, Wine, PANDA integration运行时状态、runtime 工具库存、深度动态计划、CDB、ProcDump、telemetry、网络实验、托管运行时和 GUI handoff 规划、runtime persona 规划、行为差异对比、Hyper-V 控制、Sandbox/Hyper-V 行为捕获、Frida、Qiling、angr、Wine、PANDA 集成 |
intel |
7 | C2, IOC, family classification, YARA/Sigma generationC2、IOC、家族分类、YARA/Sigma 生成 |
workflow |
6 | Staged pipeline orchestration, job queue management分阶段流水线编排、作业队列管理 |
dotnet |
5 | .NET metadata, IL disassembly, type extraction.NET 元数据、IL 反汇编、类型提取 |
llm-review |
4 | LLM-assisted function naming, explanation, reconstructionLLM 辅助函数命名、解释、重建 |
docker-backend |
15 | Docker-specific backend tools (Rizin, RetDec, etc.)Docker 专用后端工具(Rizin、RetDec 等) |
These 56 plugins ship with the repository under src/plugins/. They are auto-discovered at startup; the final MCP tool surface depends on enabled plugins, progressive discovery, and runtime readiness. The authoritative inventory is maintained in docs/PLUGINS.md.
这 56 个插件随仓库一起发布在 src/plugins/ 下。它们在启动时自动发现;最终 MCP 工具面取决于启用插件、渐进式发现和 runtime readiness。权威清单维护在 docs/PLUGINS.md。
| Plugin插件 | Tools工具数 | Tool Names工具名 | Dependencies依赖 |
|---|---|---|---|
android |
4 | apk.structure.analyze, dex.decompile, dex.classes.list, apk.packer.detect |
JADX_PATH |
angr |
1 | angr.analyze |
ANGR_PYTHON |
api-hash |
3 | hash.resolve, hash.identify, hash.resolver.plan |
— |
apk-smali |
3 | apk.disassemble, apk.manifest.parse, apk.resources.decode |
JADX_PATH |
batch |
3 | batch.submit, batch.status, batch.results |
— |
behavior-first |
3 | behavior.capture, behavior.ioc, behavior.network |
Optional可选: FRIDA_PATH |
binary-diff |
2 | binary.diff, binary.diff.summary |
— |
capstone |
2 | disasm.quick, shellcode.disasm |
— |
code-analysis |
19 | code.functions.list, code.functions.rank, code.functions.smart.recover, code.functions.define, code.functions.search, code.xrefs.analyze, code.function.decompile, code.function.disassemble, code.function.cfg, code.functions.reconstruct, code.function.rename.prepare, code.function.rename.apply, code.function.explain.prepare, code.function.explain.apply, code.module.review.prepare, code.module.review.apply, code.reconstruct.export, dotnet.reconstruct.export, code.reconstruct.plan |
— |
crackme |
4 | crackme.locate_validation, symbolic.explore, patch.generate, keygen.verify |
Optional可选: ANGR_PYTHON |
cross-module |
3 | cross_binary.compare, call_graph.cross_module, dll.dependency_tree |
— |
debug-session |
9 | debug.session.start, debug.session.breakpoint, debug.session.continue, debug.session.step, debug.session.inspect, debug.session.end, debug.session.smart_breakpoint, debug.session.snapshot, debug.session.watch |
GDB |
deep-unpack |
3 | deep.unpack.pipeline, deep.unpack.pe_reconstruct, deep.unpack.dump_scan |
Optional可选: Speakeasy, Qiling, Wine |
die |
2 | die.scan, die.identify |
DIE_PATH |
dotnet-decompile |
2 | dotnet.decompile, dotnet.decompile.type |
— |
dotnet-reactor |
4 | reactor.anti_tamper, reactor.string_decrypt, reactor.dynamic_methods, reactor.resource_export |
python3 |
dynamic |
24 | dynamic.auto_hook, dynamic.trace_attribute, dynamic.memory_dump, dynamic.behavior.capture, dynamic.behavior.diff, dynamic.dependencies, dynamic.trace.import, dynamic.memory.import, sandbox.execute, runtime.debug.session.start, runtime.debug.session.status, runtime.debug.session.stop, runtime.debug.command, dynamic.runtime.status, dynamic.toolkit.status, dynamic.deep_plan, debug.cdb.plan, debug.procdump.plan, debug.telemetry.plan, debug.network.plan, debug.managed.plan, debug.gui.handoff, dynamic.persona.plan, runtime.hyperv.control |
Optional可选: FRIDA_PATH |
elf-macho |
4 | elf.structure.analyze, macho.structure.analyze, elf.imports.extract, elf.exports.extract |
— |
firmware |
3 | firmware.* |
— |
frida |
4 | frida.runtime.instrument, frida.script.inject, frida.trace.capture, frida.script.generate |
frida CLI |
ghidra |
2 | ghidra.analyze, ghidra.health |
GHIDRA_INSTALL_DIR |
go-analysis |
3 | go.symbols.recover, go.types.list, go.binary.analyze |
— |
graphviz |
1 | graphviz.render |
GRAPHVIZ_DOT_PATH |
host-correlation |
1 | host.correlate |
python3 |
kb-collaboration |
8 | kb.function_match, analysis.template, kb.import.bulk, kb.export, kb.import, kb.stats, analysis.notes, rule.library |
— |
malware |
4 | c2.extract, malware.config.extract, malware.classify, sandbox.report |
Optional可选: CAPA_RULES_PATH, YARA_RULES_PATH |
managed-fake-c2 |
1 | managed.fake_c2 |
python3 |
managed-il-xrefs |
2 | managed.il_xrefs, managed.token_xrefs |
python3 |
managed-sandbox |
1 | managed.safe_run |
python3 |
memory-forensics |
6 | memory-forensics.pslist, memory-forensics.dlllist, memory-forensics.malfind, memory-forensics.netscan, memory-forensics.hivelist, memory-forensics.cmdline |
VOLATILITY3_PATH |
metadata |
1 | metadata.extract |
— |
observability |
1 | observability.metrics |
— (uses global hooks)—(使用全局钩子) |
office-analysis |
3 | office.vba.extract, office.macro.detect, office.ole.analyze |
— |
panda |
1 | panda.inspect |
PANDA_PATH |
pcap-analysis |
3 | pcap.analyze, pcap.dns.list, pcap.extract.streams |
— |
pe-analysis |
6 | pe.structure.analyze, pe.imports.extract, pe.exports.extract, pe.fingerprint, pe.pdata.extract, pe.symbols.recover |
— |
pe-signature |
2 | pe.signature.verify, pe.certificate.extract |
— |
qiling |
1 | qiling.inspect |
QILING_PYTHON |
reporting |
3 | report.summarize, report.generate, workflow.summarize |
— |
retdec |
1 | retdec.decompile |
RETDEC_PATH |
rizin |
1 | rizin.analyze |
RIZIN_PATH |
runtime-deobfuscate |
4 | deobf.strings, deobf.api_resolve, deobf.cfg_trace, deobf.dotnet |
Optional可选: de4dot |
sbom |
1 | sbom.generate |
— |
similarity |
2 | sample.similarity, sample.cluster.fuzzy |
Optional可选: py-tlsh |
speakeasy |
3 | speakeasy.emulate, speakeasy.shellcode, speakeasy.api_trace |
speakeasy-emulator |
static-triage |
20 | analysis.context.link, runtime.detect, dotnet.metadata.extract, dotnet.types.list, packer.detect, static.capability.triage, compiler.packer.detect, binary.role.profile, crypto.identify, breakpoint.smart, trace.condition, dll.export.profile, com.role.profile, rust.binary.analyze, entropy.analyze, obfuscation.detect, taint.track, static.resource.graph, static.config.carver, static.behavior.classify |
— |
strings |
2 | strings.extract, strings.floss.decode |
Optional可选: FLOSS_PATH |
threat-intel |
3 | attack.map, ioc.export, sigma.rule.generate |
— |
unpacking |
3 | unpack.auto, unpack.guide, unpack.child.handoff |
— |
upx |
1 | upx.inspect |
UPX_PATH |
visualization |
5 | report.html.generate, behavior.timeline, data_flow.map, analysis.evidence.graph, crypto.lifecycle.graph |
— |
vm-analysis |
10 | vm.detect, vm.pattern.analyze, vm.opcode.extract, vm.disasm.build, vm.emulate, vm.semantic.diff, constraint.extract, smt.solve, keygen.synthesize, mba.simplify |
— |
vuln-scanner |
2 | vuln.pattern.scan, vuln.pattern.summary |
— |
wine |
1 | wine.run |
WINE_PATH |
yara |
3 | yara.scan, yara.generate, yara.generate.batch |
Optional可选: yara-python |
yara-x |
1 | yaraX.scan |
YARA_X_PATH |
A plugin is a module that exports a register() function:
插件是一个导出 register() 函数的模块:
import { PluginContext } from './types'; export function register(ctx: PluginContext) { ctx.registerTool({ name: 'my-plugin.hello', description: 'Say hello', inputSchema: { type: 'object', properties: { name: { type: 'string' } } }, async handler({ name }) { return { greeting: `Hello, ${name}!` }; } }); } export const meta = { name: 'my-plugin', version: '1.0.0', description: 'A custom plugin' };
| Method | Description描述 |
|---|---|
registerTool() | Register an MCP tool注册 MCP 工具 |
check() | Verify plugin dependencies验证插件依赖 |
configSchema() | Declare configuration schema声明配置模式 |
dependencies() | Declare plugin dependencies声明插件依赖 |
hooks() | Register lifecycle hooks注册生命周期钩子 |
teardown() | Cleanup on shutdown关闭时清理 |
Control which plugins are loaded via the PLUGINS environment variable:
通过 PLUGINS 环境变量控制加载哪些插件:
# Load all plugins (default) PLUGINS=* # Load only specific plugins PLUGINS=pe-analysis,ghidra,detection # Exclude specific plugins PLUGINS=*,-docker-backend
Use these MCP tools to inspect the plugin system at runtime: 使用以下 MCP 工具在运行时检查插件系统:
| Tool工具 | Description描述 |
|---|---|
plugin.list | List all loaded plugins with status列出所有已加载插件及状态 |
plugin.enable | Enable a disabled plugin启用已禁用的插件 |
plugin.disable | Disable a plugin at runtime运行时禁用插件 |
src/plugins/ directory for modules with register() exports.
服务器扫描 src/plugins/ 目录,查找导出 register() 的模块。
check() verifies dependencies are met (e.g., Ghidra installed).
每个插件的 check() 验证依赖是否满足(如 Ghidra 已安装)。
register() is called, tools are added to the registry.
调用 register(),工具被添加到注册表。
teardown() is called on server shutdown for cleanup.
服务器关闭时调用 teardown() 进行清理。
Plugins can register hooks to intercept tool execution:插件可以注册钩子拦截工具执行:
| Hook钩子 | When时机 | Use Case用例 |
|---|---|---|
onBeforeToolCall | Before tool execution工具执行前 | Input validation, audit logging, parameter transformation输入验证、审计日志、参数转换 |
onAfterToolCall | After success执行成功后 | Result enrichment, metrics, caching结果增强、指标收集、缓存 |
onToolError | On failure执行失败时 | Error reporting, fallback logic, retry错误报告、降级逻辑、重试 |
| Type类型 | Location位置 | Description描述 |
|---|---|---|
| Built-in内建 | src/plugins/ | Shipped with the server; auto-discovered随服务器发布;自动发现 |
| External外部 | Any npm package任意 npm 包 | Installed separately; configured via PLUGINS env单独安装;通过 PLUGINS 环境变量配置 |
| Runtime运行时 | Hot-loaded at startup启动时热加载 | Dynamic load/unload without restart无需重启的动态加载/卸载 |