Shodan logo

Shodan

Community
burtthecoder

MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and CVE/CPE vulnerability intelligence. Works with Claude Code, Codex, Gemini CLI, and Claude Desktop.

Publisherburtthecoder
Repositorymcp-shodan
LanguageTypeScript
Forks
23
Stars
126
Available tools
0
Transport typestdio
Categories
Auth SecurityDeveloper Tools
LicenseMIT
Links
GitHubHomepage
  • Connect tools to AI workflows

    Shodan exposes MCP capabilities that can be used by compatible AI clients and agents.

  • 0 available tools

    Browse the callable actions below, including names and descriptions when provided by the server.

  • Ready-to-copy setup

    Use the installation snippets to configure this server in your preferred MCP client.

  • Open source signals

    126 stars and 23 forks from the linked repository.

Shodan MCP Server

smithery badge MCP Registry

A Model Context Protocol (MCP) server for querying the Shodan API and Shodan CVEDB. This server provides comprehensive access to Shodan's network intelligence and security services, including IP reconnaissance, DNS operations, vulnerability tracking, and device discovery. All tools provide structured, formatted output for easy analysis and integration.

Quick Start (Recommended)

Installing via Claude Code

bash
claude mcp add --transport stdio --env SHODAN_API_KEY=your-shodan-api-key shodan -- npx -y @burtthecoder/mcp-shodan

Installing via Codex CLI

bash
codex mcp add shodan --env SHODAN_API_KEY=your-shodan-api-key -- npx -y @burtthecoder/mcp-shodan

Installing via Gemini CLI

bash
gemini mcp add -e SHODAN_API_KEY=your-shodan-api-key shodan npx -y @burtthecoder/mcp-shodan

Installing via Smithery

To install Shodan Server for Claude Desktop automatically via Smithery:

bash
npx -y @smithery/cli install @burtthecoder/mcp-shodan --client claude

Installing Manually

  1. Install the server globally via npm:
bash
npm install -g @burtthecoder/mcp-shodan
  1. Add to your Claude Desktop configuration file:
json
{
  "mcpServers": {
    "shodan": {
      "command": "mcp-shodan",
      "env": {
        "SHODAN_API_KEY": "your-shodan-api-key"
      }
    }
  }
}

Configuration file location:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
  1. Restart Claude Desktop

Alternative Setup (From Source)

If you prefer to run from source or need to modify the code:

  1. Clone and build:
bash
git clone https://github.com/BurtTheCoder/mcp-shodan.git
cd mcp-shodan
npm install
npm run build
  1. Add to your Claude Desktop configuration:
json
{
  "mcpServers": {
    "shodan": {
      "command": "node",
      "args": ["/absolute/path/to/mcp-shodan/build/index.js"],
      "env": {
        "SHODAN_API_KEY": "your-shodan-api-key"
      }
    }
  }
}

Features

  • Network Reconnaissance: Query detailed information about IP addresses, including open ports, services, and vulnerabilities
  • DNS Operations: Forward and reverse DNS lookups for domains and IP addresses
  • Vulnerability Intelligence: Access to Shodan's CVEDB for detailed vulnerability information, CPE lookups, and product-specific CVE tracking
  • Device Discovery: Search Shodan's database of internet-connected devices with advanced filtering

Tools

1. IP Lookup Tool

  • Name: ip_lookup
  • Description: Retrieve comprehensive information about an IP address, including geolocation, open ports, running services, SSL certificates, hostnames, and cloud provider details if available
  • Parameters:
    • ip (required): IP address to lookup
  • Returns:
    • IP Information (address, organization, ISP, ASN)
    • Location (country, city, coordinates)
    • Services (ports, protocols, banners)
    • Cloud Provider details (if available)
    • Associated hostnames and domains
    • Tags

2. Shodan Search Tool

  • Name: shodan_search
  • Description: Search Shodan's database of internet-connected devices
  • Parameters:
    • query (required): Shodan search query
    • max_results (optional, default: 10): Number of results to return
  • Returns:
    • Search summary with total results
    • Country-based distribution statistics
    • Detailed device information including:
      • Basic information (IP, organization, ISP)
      • Location data
      • Service details
      • Web server information
      • Associated hostnames and domains

3. CVE Lookup Tool

  • Name: cve_lookup
  • Description: Query detailed vulnerability information from Shodan's CVEDB
  • Parameters:
    • cve (required): CVE identifier in format CVE-YYYY-NNNNN (e.g., CVE-2021-44228)
  • Returns:
    • Basic Information (ID, published date, summary)
    • Severity Scores:
      • CVSS v2 and v3 with severity levels
      • EPSS probability and ranking
    • Impact Assessment:
      • KEV status
      • Proposed mitigations
      • Ransomware associations
    • Affected products (CPEs)
    • References

4. DNS Lookup Tool

  • Name: dns_lookup
  • Description: Resolve domain names to IP addresses using Shodan's DNS service
  • Parameters:
    • hostnames (required): Array of hostnames to resolve
  • Returns:
    • DNS resolutions mapping hostnames to IPs
    • Summary of total lookups and queried hostnames

5. Reverse DNS Lookup Tool

  • Name: reverse_dns_lookup
  • Description: Perform reverse DNS lookups to find hostnames associated with IP addresses
  • Parameters:
    • ips (required): Array of IP addresses to lookup
  • Returns:
    • Reverse DNS resolutions mapping IPs to hostnames
    • Summary of total lookups and results

6. CPE Lookup Tool

  • Name: cpe_lookup
  • Description: Search for Common Platform Enumeration (CPE) entries by product name
  • Parameters:
    • product (required): Name of the product to search for
    • count (optional, default: false): If true, returns only the count of matching CPEs
    • skip (optional, default: 0): Number of CPEs to skip (for pagination)
    • limit (optional, default: 1000): Maximum number of CPEs to return
  • Returns:
    • When count is true: Total number of matching CPEs
    • When count is false: List of CPEs with pagination details

7. CVEs by Product Tool

  • Name: cves_by_product
  • Description: Search for vulnerabilities affecting specific products or CPEs
  • Parameters:
    • cpe23 (optional): CPE 2.3 identifier (format: cpe:2.3:part:vendor:product:version)
    • product (optional): Name of the product to search for CVEs
    • count (optional, default: false): If true, returns only the count of matching CVEs
    • is_kev (optional, default: false): If true, returns only CVEs with KEV flag set
    • sort_by_epss (optional, default: false): If true, sorts CVEs by EPSS score
    • skip (optional, default: 0): Number of CVEs to skip (for pagination)
    • limit (optional, default: 1000): Maximum number of CVEs to return
    • start_date (optional): Start date for filtering CVEs (format: YYYY-MM-DDTHH:MM:SS)
    • end_date (optional): End date for filtering CVEs (format: YYYY-MM-DDTHH:MM:SS)
  • Notes:
    • Must provide either cpe23 or product, but not both
    • Date filtering uses published time of CVEs
  • Returns:
    • Query information
    • Results summary with pagination details
    • Detailed vulnerability information including:
      • Basic information
      • Severity scores
      • Impact assessments
      • References

Requirements

Troubleshooting

API Key Issues

If you see API key related errors (e.g., "Request failed with status code 401"):

  1. Verify your API key:

    • Must be a valid Shodan API key from your account settings
    • Ensure the key has sufficient credits/permissions for the operation
    • Check for extra spaces or quotes around the key in the configuration
    • Verify the key is correctly set in the SHODAN_API_KEY environment variable

  2. Common Error Codes:

    • 401 Unauthorized: Invalid API key or missing authentication
    • 402 Payment Required: Out of query credits
    • 429 Too Many Requests: Rate limit exceeded

  3. Configuration Steps: a. Get your API key from Shodan Account b. Add it to your configuration file:

    json
    {
  "mcpServers": {
    "shodan": {
      "command": "mcp-shodan",
      "env": {
        "SHODAN_API_KEY": "your-actual-api-key-here"
      }
    }
  }
}

    c. Save the config file d. Restart Claude Desktop

  4. Testing Your Key:

    • Try a simple query first (e.g., dns_lookup for "google.com")
    • Check your Shodan account dashboard for credit status
    • Verify the key works directly with curl: 
      bash
      curl "https://api.shodan.io/dns/resolve?hostnames=google.com&key=your-api-key"

Module Loading Issues

If you see module loading errors:

  1. For global installation: Use the simple configuration shown in Quick Start
  2. For source installation: Ensure you're using Node.js v18 or later

Development

Build the project:

bash
npm install
npm run build

Test interactively with FastMCP's built-in dev tool:

bash
npx fastmcp dev build/index.js

Error Handling

The server includes comprehensive error handling for:

  • Invalid API keys
  • Rate limiting
  • Network errors
  • Invalid input parameters
  • Invalid CVE formats
  • Invalid CPE lookup parameters
  • Invalid date formats
  • Mutually exclusive parameter validation

Version History

  • v1.0.22: Published to the official MCP Registry — added server.json manifest, CLI install support for Claude Code, Codex, and Gemini CLI
  • v1.1.0: Migrated from raw @modelcontextprotocol/sdk to FastMCP — modular tool files, automatic schema validation, simplified error handling
  • v1.0.12: Added reverse DNS lookup and improved output formatting
  • v1.0.7: Added CVEs by Product search functionality and renamed vulnerabilities tool to cve_lookup
  • v1.0.6: Added CVEDB integration for enhanced CVE lookups and CPE search functionality
  • v1.0.0: Initial release with core functionality

Contributing

  1. Fork the repository
  2. Create a feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

License

This project is licensed under the MIT License - see the LICENSE file for details.

Installation

TypingMind
Prerequisites:

Node.js 18+

{
  "mcpServers": {
    "shodan": {
      "command": "npx",
      "args": [
        "-y",
        "@burtthecoder/mcp-shodan"
      ],
      "env": {
        "SHODAN_API_KEY": "your-shodan-api-key"
      }
    }
  }
}

Use Shodan MCP with multiple AI models

TypingMind connects MCP tools at the workspace level, so once Shodan is connected, you can use it with different AI models in TypingMind instead of setting it up separately for each model. This MCP runs locally through the TypingMind MCP connector on your device.

Setup guide to use the local connector

Use this when the MCP server needs access to local files, apps, or private resources on your computer.

1

Open the MCP settings

In TypingMind, go to Settings, Advanced Settings, then Model Context Protocol and choose Setup Connector.

  1. Open TypingMind in your browser.
  2. Click the Settings icon.
  3. Go to Advanced Settings.
  4. Open the Model Context Protocol section.
  5. Click Setup Connector and choose This Device.
TypingMind MCP connector setup screen with This Device selected
2

Run the connector command

Choose This Device, copy the command from TypingMind, and run it in Terminal. Keep the process running while you use MCP.

  1. Copy the setup command shown by TypingMind.
  2. Open Terminal on macOS or Windows Terminal on Windows.
  3. Paste and run the command.
  4. Approve the package install if Terminal asks you to proceed.
  5. Keep the Terminal window running while using MCP tools.
3

Add Shodan as a server

When the connector status is Ready, click Edit Servers and paste the MCP server configuration.

  1. Wait until the connector status shows Ready.
  2. Click Edit Servers.
  3. Paste the Shodan MCP server configuration.
  4. Save the server list.
  5. Refresh if you want to confirm the connector is still ready.
TypingMind MCP settings showing active server and Edit Servers button
{
  "mcpServers": {
    "shodan": {
      "command": "npx",
      "args": [
        "-y",
        "@burtthecoder/mcp-shodan"
      ]
    }
  }
}
4

Use it across models

Save the server list, open Plugins, enable the Shodan MCP tools, then select any supported AI model in TypingMind and use the tools in chat or assign them to an AI agent.

  1. Open the Plugins page in TypingMind.
  2. Enable the Shodan MCP tools.
  3. Start a chat and choose the AI model you want to use.
  4. Use the MCP tools in chat or assign them to an AI agent.
  5. Switch to another AI model whenever needed without reconnecting MCP.
TypingMind chat using enabled MCP tools with a selected AI model
Can you use Shodan to help me with this task?
Shodan
Sure. I read it.
Here is what I found using Shodan.

Frequently asked questions

What is the Shodan MCP server used for?

Shodan is an MCP server that lets compatible AI clients connect to external tools and context. In TypingMind, you can add this MCP server once and make its tools available in your AI workspace.

Can I use Shodan MCP with multiple AI models in TypingMind?

Yes. TypingMind connects MCP tools at the workspace level, so you can use Shodan with different AI models such as Claude, ChatGPT, Gemini, or other models you have configured in TypingMind without setting up the MCP server separately for each model.

Why use Shodan MCP with TypingMind?

TypingMind is one of the best frontends for LLM chat because it brings multiple AI models, prompts, plugins, AI agents, API keys, and MCP tools into one workspace. With Shodan connected, you can use its MCP tools across your preferred models while keeping your chat workflow organized in TypingMind.

How do I connect Shodan MCP to TypingMind?

Shodan runs through the TypingMind local MCP connector. This is best when the MCP server needs access to local files, desktop apps, command-line tools, or private resources on your computer.

What tools does Shodan MCP provide in TypingMind?

Shodan exposes MCP capabilities that can be enabled from the TypingMind Plugins page and used in chat or assigned to AI agents.

Do I need to share my API keys with TypingMind to use Shodan MCP?

No. TypingMind is local-first and lets you keep your model providers, API keys, prompts, and MCP configuration under your control. If Shodan requires authentication, add the required headers, OAuth settings, or local configuration for that MCP server when you create the connection.

Related MCP Servers

View all
LaurieWired logo

GhidraMCP

LaurieWired
CommunityPopular

MCP Server for Ghidra

900
8.9K
0 tools
View details
0x4m4 logo

HexStrike AI

0x4m4
CommunityPopular

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly bridge LLMs with real-world offensive security capabilities.

1.9K
8.7K
0 tools
View details
webflow logo

Webflow

webflow
CommunityPopular

Official Webflow MCP server. Manage sites, pages, CMS collections, and form submissions via Webflow's Data API. Publish drafts, update content, and automate site operations.

0
3.9K
16 tools
View details
integromat logo

Make.com (Integromat)

integromat
CommunityPopular

Official Make.com MCP server. Trigger scenarios, manage connections, and automate workflows across 2,000+ apps via Make's visual automation platform.

0
3.8K
16 tools
View details

Set up your own AI workspace now

Get notified about new features and future giveaways by subscribing to our newsletter 👇