Shodan MCP Server

SecurityTypeScript

Query Shodan's database for network intelligence and security information

Available Tools

ip_lookup

Retrieve comprehensive information about an IP address, including geolocation, open ports, running services, SSL certificates, hostnames, and cloud provider details if available

ip

shodan_search

Search Shodan's database of internet-connected devices

querymax_results

cve_lookup

Query detailed vulnerability information from Shodan's CVEDB

cve

dns_lookup

Resolve domain names to IP addresses using Shodan's DNS service

hostnames

reverse_dns_lookup

Perform reverse DNS lookups to find hostnames associated with IP addresses

ips

cpe_lookup

Search for Common Platform Enumeration (CPE) entries by product name

productcountskiplimit

cves_by_product

Search for vulnerabilities affecting specific products or CPEs

cpe23productcountis_kevsort_by_epssskiplimitstart_dateend_date

Shodan MCP provides comprehensive access to Shodan's network intelligence and security services. It enables users to perform IP reconnaissance, DNS operations, vulnerability tracking, and device discovery directly from their AI assistant. The server delivers structured, formatted output for easy analysis and integration with other security workflows.

Overview

Shodan MCP Server provides a powerful interface to Shodan's extensive database of internet-connected devices and security intelligence. This integration allows you to perform network reconnaissance, vulnerability research, and device discovery directly through your AI assistant.

Prerequisites

Before using the Shodan MCP Server, you'll need:

A Shodan API key (available from shodan.io)
Node.js installed on your system (if installing manually)

Installation Options

Option 1: Install via Smithery (Recommended)

The easiest way to install the Shodan MCP Server is through Smithery:

npx -y @smithery/cli install @burtthecoder/mcp-shodan --client claude

This command automatically configures the server for Claude Desktop.

Option 2: Install Manually via NPM

Install the server globally:

npm install -g @burtthecoder/mcp-shodan

Add the server configuration to your Claude Desktop configuration file:

{
  "mcpServers": {
    "shodan": {
      "command": "mcp-shodan",
      "env": {
        "SHODAN_API_KEY": "your-shodan-api-key"
      }
    }
  }
}

Configuration file locations:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json

Restart Claude Desktop to apply the changes.

Option 3: Run from Source

If you need to modify the code or prefer to run from source:

Clone the repository and build:

git clone https://github.com/BurtTheCoder/mcp-shodan.git
cd mcp-shodan
npm install
npm run build

Configure your Claude Desktop:

{
  "mcpServers": {
    "shodan": {
      "command": "node",
      "args": ["/absolute/path/to/mcp-shodan/build/index.js"],
      "env": {
        "SHODAN_API_KEY": "your-shodan-api-key"
      }
    }
  }
}

Usage

Once installed, you can use the Shodan MCP Server by asking your AI assistant to perform various security and network intelligence tasks. For example:

"Look up information about IP address 8.8.8.8"
"Search Shodan for Apache servers with vulnerabilities"
"Get details about CVE-2021-44228"
"Perform a DNS lookup for example.com"
"Find all CVEs affecting Nginx 1.18"

The server will process your request and return structured information that your AI assistant can analyze and explain.

API Key Security

Your Shodan API key is sensitive information. When configuring the MCP server:

Never share your configuration files containing the API key
Consider using environment variables or a secure secrets manager
Be mindful of API usage limits on your Shodan account

Troubleshooting

If you encounter issues:

Verify your Shodan API key is valid and has sufficient credits
Check that the server is properly configured in your Claude Desktop settings
Restart Claude Desktop after making configuration changes
For detailed logs, run the server manually with the --debug flag