The Shodan MCP Server provides access to Shodan API functionality for querying internet-connected devices and services. With this server you can:
- Get detailed information about specific IP addresses
- Search Shodan's database for devices and services using search queries
- Scan network ranges specified in CIDR notation for devices
- Retrieve SSL certificate information for given domains
- Search for specific types of IoT devices, optionally filtered by country
Supports configuration via .env file to securely store the Shodan API key
Provides repository hosting for the Shodan MCP Server code and issue tracking
Example in search patterns for finding SSL certificates issued to Google
The MCP server runs on Node.js (v16 or higher), providing the runtime environment for accessing Shodan API functionality
Used for managing dependencies and building the project, required for installation (v7 or higher)
Shodan MCP Server
A Model Context Protocol (MCP) server that provides access to Shodan API functionality, allowing AI assistants to query information about internet-connected devices and services.
Features
- Host Information: Get detailed information about specific IP addresses
- Search Capabilities: Search Shodan's database for devices and services
- Network Scanning: Scan network ranges (CIDR notation) for devices
- SSL Certificate Information: Get SSL certificate details for domains
- IoT Device Search: Find specific types of IoT devices
Installation
- Clone the repository:
- Install dependencies:
- Build the server:
- Set up your Shodan API key:
- Start the server:
MCP Integration
This server can be integrated with Claude or other MCP-compatible AI assistants. To add it to Claude Desktop or Claude.app:
- Add the server to your MCP settings:
- Restart Claude to load the new MCP server.
Available Tools
get_host_info
Get detailed information about a specific IP address.
Parameters:
ip
(required): IP address to look upmax_items
(optional): Maximum number of items to include in arrays (default: 5)fields
(optional): List of fields to include in the results (e.g., ['ip_str', 'ports', 'location.country_name'])
search_shodan
Search Shodan's database for devices and services.
Parameters:
query
(required): Shodan search query (e.g., 'apache country:US')page
(optional): Page number for results pagination (default: 1)facets
(optional): List of facets to include in the search results (e.g., ['country', 'org'])max_items
(optional): Maximum number of items to include in arrays (default: 5)fields
(optional): List of fields to include in the results (e.g., ['ip_str', 'ports', 'location.country_name'])summarize
(optional): Whether to return a summary of the results instead of the full data (default: false)
scan_network_range
Scan a network range (CIDR notation) for devices.
Parameters:
cidr
(required): Network range in CIDR notation (e.g., 192.168.1.0/24)max_items
(optional): Maximum number of items to include in results (default: 5)fields
(optional): List of fields to include in the results (e.g., ['ip_str', 'ports', 'location.country_name'])
get_ssl_info
Get SSL certificate information for a domain.
Parameters:
domain
(required): Domain name to look up SSL certificates for (e.g., example.com)
search_iot_devices
Search for specific types of IoT devices.
Parameters:
device_type
(required): Type of IoT device to search for (e.g., 'webcam', 'router', 'smart tv')country
(optional): Optional country code to limit search (e.g., 'US', 'DE')max_items
(optional): Maximum number of items to include in results (default: 5)
Available Resources
shodan://host/{ip}
: Information about a specific IP address
API Limitations
Some Shodan API endpoints require a paid membership. The following features are only available with a paid Shodan API key:
- Search functionality
- Network scanning
- SSL certificate lookup
- IoT device search
License
MIT
Developed by
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.
Related MCP Servers
- -securityAlicense-qualityMCP server for querying the Shodan API and Shodan CVEDB. This server provides tools for IP lookups, device searches, DNS lookups, vulnerability queries, CPE lookups, and more.Last updated -766318JavaScriptMIT License
- AsecurityAlicenseAqualityProvides comprehensive access to Roam Research's API functionality. This server enables AI assistants like Claude to interact with your Roam Research graph through a standardized interface.Last updated -182538TypeScriptMIT License
- -securityFlicense-qualityA Model Context Protocol server that provides access to Shodan and VirusTotal APIs for cybersecurity analysis, enabling analysts to perform network intelligence operations including host lookups, vulnerability analysis, and threat intelligence gathering.Last updated -1TypeScript
- -securityFlicense-qualityA WebSocket server that provides MCP interface for searching and retrieving information about internet-connected devices, IP addresses, DNS data, and CVE vulnerabilities through the Shodan API.Last updated -JavaScript