Shodan MCP Server
@Cyreslab-AI
About Shodan MCP Server
A Model Context Protocol server that provides access to Shodan API functionality
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"shodan": {
"command": "node",
"args": [
"/path/to/shodan-mcp-server/build/index.js"
],
"env": {
"SHODAN_API_KEY": ""
}
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Shodan MCP Server?
A Model Context Protocol (MCP) server that provides access to Shodan API functionality and CVE database, allowing AI assistants to query information about internet-connected devices, services, and vulnerabilities. It integrates with Claude or other MCP-compatible AI assistants.
How to use Shodan MCP Server?
Clone the repository, run npm install and npm run build, set the SHODAN_API_KEY environment variable, then start with npm start. For Claude integration, add the server to MCP settings with the command node and the path to build/index.js, providing the API key via env.SHODAN_API_KEY.
Key features of Shodan MCP Server
- Host information lookup for specific IP addresses
- Search Shodan’s database for devices and services
- Network range scanning using CIDR notation
- SSL certificate details for domains
- IoT device search by device type and country
- CVE lookup, search, and exploit prediction
Use cases of Shodan MCP Server
- Investigate a suspicious IP address for open ports and services.
- Find all internet-facing Apache servers in a given country.
- Identify known vulnerabilities affecting a specific software product.
- Enumerate subdomains and DNS records for a domain.
- Retrieve the latest Known Exploited Vulnerabilities from CISA.
FAQ from Shodan MCP Server
What does Shodan MCP Server require to run?
It requires Node.js, npm, and a valid Shodan API key. The API key must be set as the SHODAN_API_KEY environment variable.
Are all features free?
No. Search, network scanning, SSL certificate lookup, IoT device search, and domain info require a paid Shodan API key. CVE database functionality (CVE lookup, search, CPE info, newest CVEs, KEV, EPSS) is completely free.
How is authentication handled?
The server authenticates with Shodan via the API key provided in the SHODAN_API_KEY environment variable. No additional authentication is used for the MCP transport.
Can I use this server with other MCP clients besides Claude?
Yes — it is built on the MCP standard and can be used with any MCP-compatible AI assistant. The README specifically mentions Claude Desktop and Claude.app.
What data does Shodan MCP Server access?
It accesses the Shodan API (internet device data, SSL certificates, DNS, etc.) and a CVE database. No data is stored locally; all queries go to Shodan and the CVE source.
More Other MCP servers
ICSS
chokcoco不止于 CSS
Nginx UI
0xJackyYet another WebUI for Nginx
MaxKB
1Panel-dev🔥 MaxKB is an open-source platform for building enterprise-grade agents. 强大易用的开源企业级智能体平台。
Mcp
browsermcpBrowser MCP is a Model Context Provider (MCP) server that allows AI applications to control your browser
AutoBrowser MCP
autobrowser-aiBrowser MCP is a Model Context Provider (MCP) server that allows AI applications to control your browser
Comments