MCP Catalogs
Home

shodan-mcp

by Vorota-ai·19·Score 43

An MCP server providing 20 tools for Shodan reconnaissance, vulnerability intelligence, and DNS analysis.

securitydeveloper-toolsai-llm
6
Forks
2
Open issues
3 mo ago
Last commit
2d ago
Indexed

Overview

The Shodan MCP server integrates Shodan's internet intelligence database directly into AI clients like Claude, Cursor, and VS Code. It offers both free tools that require no API key and premium tools for comprehensive reconnaissance. The server provides structured output using Pydantic models and includes input validation to ensure secure operations. All queries are passive, meaning no packets are sent directly to target systems.

Try asking AI

After installing, here are 5 things you can ask your AI assistant:

you:Security researchers conducting vulnerability reconnaissance
you:Network administrators monitoring exposed services
you:Developers investigating dependencies for security issues
you:Do I need a Shodan API key?
you:Is it safe?

When to choose this

Choose this server when you need internet reconnaissance and vulnerability intelligence integrated directly into your AI workflow, especially for security research.

When NOT to choose this

Avoid this if you need active scanning capabilities (this is passive-only), have concerns about vendor lock-in to Shodan, or require more comprehensive vulnerability databases.

Tools this server exposes

12 tools extracted from the README
  • shodan-cve-lookup

    Look up any CVE -- CVSS v3 scores, EPSS exploit prediction, references, affected CPEs

  • shodan-search-cves

    Search CVEs with filters -- CISA KEV catalog, EPSS sorting, date ranges

  • shodan-search-cpes

    Search CPE identifiers by product name (e.g., 'apache', 'nginx')

  • shodan-internetdb-lookup

    Fast free IP intelligence -- open ports, vulns, hostnames, CPEs, tags

  • shodan-ip-lookup

    Full IP reconnaissance -- ports, services, banners, geolocation, vulns, ISP/org, ASN

  • shodan-search

    Search Shodan's database of billions of devices with powerful query syntax

  • shodan-dns-resolve

    Resolve hostnames to IP addresses

  • shodan-domain-info

    Domain reconnaissance -- subdomains, DNS records, tags

  • shodan-honeypot-score

    Detect if an IP is a honeypot (0.0 = real, 1.0 = honeypot)

  • shodan-api-info

    Check API key usage -- plan type, remaining credits

  • shodan-my-ip

    Get your external IP address as seen by Shodan

  • shodan-list-filters

    List available search filters

Comparable tools

security-mcpnmap-mcpmetasploit-mcpsearch-mcp

Installation

Docker (recommended)

docker build -t shodan-mcp https://github.com/vorotaai/shodan-mcp.git

Using uv

git clone https://github.com/vorotaai/shodan-mcp.git
cd shodan-mcp
uv sync --all-groups
shodan-mcp

Using pip

git clone https://github.com/vorotaai/shodan-mcp.git
cd shodan-mcp
pip install .
shodan-mcp

Claude Desktop Configuration

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "shodan-mcp": {
      "command": "docker",
      "args": ["run", "--rm", "-i", "-e", "SHODAN_API_KEY", "shodan-mcp"],
      "env": {
        "SHODAN_API_KEY": "your-api-key-here"
      }
    }
  }
}

FAQ

Do I need a Shodan API key?
Not to get started. 4 tools work immediately with no key: CVE lookup, CVE search, CPE search, and InternetDB. A free API key unlocks the remaining 16 tools.
Is it safe?
Yes. All queries are passive (no packets to targets), inputs are validated, and API keys are never exposed in error messages.

Compare shodan-mcp with

shodan-mcp vs ultimate_mcp_servershodan-mcp vs mcp-server-chartshodan-mcp vs everythingshodan-mcp vs filesystemshodan-mcp vs time
GitHub →

Last updated · Auto-generated from public README + GitHub signals.