Shodan MCP Server

A Model Context Protocol (MCP) server that provides access to Shodan API functionality, allowing AI assistants to query information about internet-connected devices and services.

Features

Host Information: Get detailed information about specific IP addresses
Search Capabilities: Search Shodan's database for devices and services
Network Scanning: Scan network ranges (CIDR notation) for devices
SSL Certificate Information: Get SSL certificate details for domains
IoT Device Search: Find specific types of IoT devices

Installation

Clone the repository:
git clone https://github.com/Cyreslab-AI/shodan-mcp-server.git cd shodan-mcp-server
Install dependencies:
npm install
Build the server:
npm run build
Set up your Shodan API key:
export SHODAN_API_KEY="your-api-key-here"
Start the server:
npm start

MCP Integration

This server can be integrated with Claude or other MCP-compatible AI assistants. To add it to Claude Desktop or Claude.app:

Add the server to your MCP settings:
{ "mcpServers": { "shodan": { "command": "node", "args": ["/path/to/shodan-mcp-server/build/index.js"], "env": { "SHODAN_API_KEY": "your-api-key-here" } } } }
Restart Claude to load the new MCP server.

Available Tools

get_host_info

Get detailed information about a specific IP address.

Parameters:

ip (required): IP address to look up
max_items (optional): Maximum number of items to include in arrays (default: 5)
fields (optional): List of fields to include in the results (e.g., ['ip_str', 'ports', 'location.country_name'])

search_shodan

Search Shodan's database for devices and services.

Parameters:

query (required): Shodan search query (e.g., 'apache country:US')
page (optional): Page number for results pagination (default: 1)
facets (optional): List of facets to include in the search results (e.g., ['country', 'org'])
max_items (optional): Maximum number of items to include in arrays (default: 5)
fields (optional): List of fields to include in the results (e.g., ['ip_str', 'ports', 'location.country_name'])
summarize (optional): Whether to return a summary of the results instead of the full data (default: false)

scan_network_range

Scan a network range (CIDR notation) for devices.

Parameters:

cidr (required): Network range in CIDR notation (e.g., 192.168.1.0/24)
max_items (optional): Maximum number of items to include in results (default: 5)
fields (optional): List of fields to include in the results (e.g., ['ip_str', 'ports', 'location.country_name'])

get_ssl_info

Get SSL certificate information for a domain.

Parameters:

domain (required): Domain name to look up SSL certificates for (e.g., example.com)

search_iot_devices

Search for specific types of IoT devices.

Parameters:

device_type (required): Type of IoT device to search for (e.g., 'webcam', 'router', 'smart tv')
country (optional): Optional country code to limit search (e.g., 'US', 'DE')
max_items (optional): Maximum number of items to include in results (default: 5)

Available Resources

shodan://host/{ip}: Information about a specific IP address

API Limitations

Some Shodan API endpoints require a paid membership. The following features are only available with a paid Shodan API key:

Search functionality
Network scanning
SSL certificate lookup
IoT device search

License

MIT

Developed by

Cyreslab.ai

You must be authenticated.

security – no known vulnerabilities

license - permissive license

quality - confirmed to work

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

Tools

Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.

Related MCP Servers

ADEO CTI MCP Server
ADEOSec
-
security
F
license
-
quality
A Model Context Protocol server that provides access to Shodan and VirusTotal APIs for cybersecurity analysis, enabling analysts to perform network intelligence operations including host lookups, vulnerability analysis, and threat intelligence gathering.
Last updated -
1
TypeScript
Home Assistant MCP
guilhermelirio
-
security
A
license
-
quality
Provides tools for AI assistants to interact with smart home devices through Home Assistant, allowing operations like checking entity states and calling services.
Last updated -
TypeScript
MIT License
Shodan-MCP-Server
X3r0K
-
security
F
license
-
quality
This is a Model Context Protocol (MCP) server that provides access to the Shodan API. It allows you to programmatically query Shodan for information about devices, vulnerabilities, and more.
Last updated -
JavaScript
HydraΜCP
HappyHackingSpace
-
security
A
license
-
quality
A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis.
Last updated -
5
Python
MIT License

View all related MCP servers

Shodan MCP Server