osint-mcp-server

hackertarget_reverseip

Find all domains hosted on a specific IP address using HackerTarget's reverse IP lookup. Identify websites sharing the same server for security research or network analysis.

Instructions

Reverse IP lookup via HackerTarget — find all domains hosted on an IP. Free tier: 50 queries/day.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`ip`	Yes	IP address for reverse lookup

Implementation Reference

src/hackertarget/index.ts:44-48 (handler)

The core logic for performing the reverse IP lookup via the HackerTarget API.

export async function hackertargetReverseIp(ip: string): Promise<string[]> {
  const text = await htFetch("reverseiplookup", ip);
  if (!text) return [];
  return text.split("\n").filter(Boolean).map((l) => l.trim());
}

src/protocol/tools.ts:417-424 (registration)

Tool registration for 'hackertarget_reverseip', defining the schema and binding it to the implementation handler.

const hackertargetReverseIpTool: ToolDef = {
  name: "hackertarget_reverseip",
  description: "Reverse IP lookup via HackerTarget — find all domains hosted on an IP. Free tier: 50 queries/day.",
  schema: {
    ip: z.string().describe("IP address for reverse lookup"),
  },
  execute: async (args) => json(await hackertargetReverseIp(args.ip as string)),
};

Tool Definition Quality

A3.9/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It adds useful context about rate limits ('Free tier: 50 queries/day'), which is not covered by the schema. However, it lacks details on other behavioral traits such as response format, error handling, or authentication needs, leaving gaps for a tool with no annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is front-loaded with the core purpose in the first sentence and efficiently adds the rate limit in the second sentence. Every sentence earns its place with no wasted words, making it appropriately sized and easy to scan.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's low complexity (1 parameter, no output schema, no annotations), the description is somewhat complete by covering the purpose and rate limits. However, it lacks details on output behavior or error handling, which could be useful for an agent to understand what to expect from the tool's execution.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The schema description coverage is 100%, with the single parameter 'ip' well-documented in the schema. The description does not add any additional meaning or details about the parameter beyond what the schema provides, so it meets the baseline score of 3 for high schema coverage without extra value.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the specific action ('Reverse IP lookup') and resource ('find all domains hosted on an IP'), and distinguishes it from siblings by specifying the service provider ('via HackerTarget'), making it easy to differentiate from other IP-related tools like 'dns_reverse' or 'vt_ip'.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides clear context by mentioning the free tier limit ('50 queries/day'), which helps guide usage frequency. However, it does not explicitly state when to use this tool versus alternatives like 'dns_reverse' or 'vt_ip', which could be helpful for selection among siblings.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/badchars/osint-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server