Skip to main content
Glama

Shodan MCP Server

by bonetrees
MIT License
  • Apple

Shodan MCP Server

An unofficial MCP (Model Context Protocol) server that provides Claude with access to Shodan for IP address lookups, service discovery, and vulnerability scanning.

Features

  • Host Lookup: Get detailed information about any IPv4 address
  • Search: Query Shodan's database using filters (e.g., apache port:80, country:US)
  • Count: Get result counts for queries without fetching full data
  • Account Info: Check your Shodan API usage and limits

Installation

  1. Clone the repository:
    git clone <your-repo-url> cd shodan_mcp
  2. Install dependencies using Poetry:
    poetry install
  3. Set up your Shodan API key:
    cp .env.example .env # Edit .env and add your Shodan API key
    Get your API key from Shodan Account.

Usage

Running the Server

poetry run python -m shodan_mcp

Connecting to Claude

Add this configuration to your Claude Desktop config.json file:

macOS: ~/Library/Application\ Support/Claude/claude_desktop_config.json
Windows: %APPDATA%/Claude/claude_desktop_config.json

{ "mcpServers": { "shodan": { "command": "/full/path/to/poetry", # you can find this using command `which poetry` "args": ["run","-C","/path/to/your/shodan_mcp","python", "-m", "shodan_mcp"], "cwd": "/path/to/your/shodan_mcp" } } }

Replace /path/to/your/shodan_mcp with the actual path to this project.

Available Tools

1. shodan_host_lookup

Look up detailed information about a specific IP address.

Parameters:

  • ip (required): IPv4 address to look up
  • history (optional): Include historical data (default: false)
  • minify (optional): Return minimal data (default: false)

Example:

Look up information for IP 8.8.8.8

Search Shodan's database using query filters.

Parameters:

  • query (required): Shodan search query
  • limit (optional): Maximum results to return (1-100, default: 10)

Example queries:

  • apache port:80 - Apache servers on port 80
  • country:US ssl:true - SSL servers in the US
  • product:nginx - Nginx servers
  • port:22 - SSH servers

3. shodan_count

Get the total count of results for a query without fetching the actual data.

Parameters:

  • query (required): Shodan search query

4. shodan_info

Get information about your Shodan API account (credits, plan, etc.).

Parameters: None

Example Usage with Claude

Once connected, you can ask Claude things like:

  • "Look up the IP address 1.1.1.1 using Shodan"
  • "Search for Apache servers in the US"
  • "How many SSH servers are there globally?"
  • "What's my current Shodan API usage?"

Development

Project Structure

shodan_mcp/ ├── src/ │ └── shodan_mcp/ │ ├── __init__.py │ └── server.py ├── .env.example ├── pyproject.toml └── README.md

Dependencies

  • mcp - Model Context Protocol library
  • shodan - Official Shodan Python library
  • python-decouple - Environment variable management

License

MIT License - see LICENSE file for details.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Disclaimer

This is an unofficial tool. Please respect Shodan's terms of service and rate limits.

-
security - not tested
A
license - permissive license
-
quality - not tested

Provides Claude with access to Shodan for IP address lookups, service discovery, and vulnerability scanning, allowing users to query information about hosts, count results, and check API usage.

  1. Features
    1. Installation
      1. Usage
        1. Running the Server
        2. Connecting to Claude
      2. Available Tools
        1. shodan_host_lookup
        2. shodan_search
        3. shodan_count
        4. shodan_info
      3. Example Usage with Claude
        1. Development
          1. Project Structure
          2. Dependencies
        2. License
          1. Contributing
            1. Disclaimer

              Related MCP Servers

              • -
                security
                A
                license
                -
                quality
                MCP server for querying the Shodan API and Shodan CVEDB. This server provides tools for IP lookups, device searches, DNS lookups, vulnerability queries, CPE lookups, and more.
                Last updated -
                7
                663
                18
                JavaScript
                MIT License
                • Apple
              • -
                security
                F
                license
                -
                quality
                A Model Context Protocol server that provides access to Shodan and VirusTotal APIs for cybersecurity analysis, enabling analysts to perform network intelligence operations including host lookups, vulnerability analysis, and threat intelligence gathering.
                Last updated -
                1
                TypeScript
              • A
                security
                A
                license
                A
                quality
                Provides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.
                Last updated -
                23
                23
                JavaScript
                MIT License
                • Linux
                • Apple
              • -
                security
                F
                license
                -
                quality
                A WebSocket server that provides MCP interface for searching and retrieving information about internet-connected devices, IP addresses, DNS data, and CVE vulnerabilities through the Shodan API.
                Last updated -
                JavaScript
                • Linux
                • Apple

              View all related MCP servers

              MCP directory API

              We provide all the information about MCP servers via our MCP API.

              curl -X GET 'https://glama.ai/api/mcp/v1/servers/bonetrees/shodan_mcp'

              If you have feedback or need assistance with the MCP directory API, please join our Discord server