mcp-shodan

Author: BurtTheCoder

Description: Model Context Protocol (MCP) server that exposes Shodan API & CVEDB capabilities (IP recon, DNS, vulnerability and device search) as structured MCP tools.

Stars: 67

Forks: 10

License: MIT License

Category: Specialized

GitHub NPM

Overview

Installation

1. Prerequisites

• Node.js ≥ 18

• npm (comes with Node.js)

• A valid SHODAN API key

2. Clone the repository

git clone https://github.com/BurtTheCoder/mcp-shodan.git
cd mcp-shodan

3. Install dependencies

npm install

4. Configure environment variables

export SHODAN_API_KEY="<your-shodan-key>"
# Optionally change the default HTTP port
export PORT=8080

5. Start the MCP server

npm start

6. Verify

curl "http://localhost:8080/healthz"  ➜  should return {"status":"ok"}
Docker (alternative)
   docker build -t mcp-shodan .
   docker run -d -p 8080:8080 -e SHODAN_API_KEY=<key> mcp-shodan

ip_lookup

Retrieve comprehensive information about an IP address, including geolocation, open ports, running services, SSL certificates, hostnames, and cloud provider details if available

shodan_search

Search Shodan's database of internet-connected devices

cve_lookup

Query detailed vulnerability information from Shodan's CVEDB

dns_lookup

Resolve domain names to IP addresses using Shodan's DNS service

reverse_dns_lookup

Perform reverse DNS lookups to find hostnames associated with IP addresses

cpe_lookup

Search for Common Platform Enumeration (CPE) entries by product name

cves_by_product

Search for vulnerabilities affecting specific products or CPEs

License: MIT License

Updated 7/30/2025

mcp-shodan

Overview

Installation

Available Tools

ip_lookup

shodan_search

cve_lookup

dns_lookup

reverse_dns_lookup

cpe_lookup

cves_by_product

Table of Contents

mcp-shodan

Overview

Installation

Available Tools(7)

Available Tools

ip_lookup

shodan_search

cve_lookup

dns_lookup

reverse_dns_lookup

cpe_lookup

cves_by_product

Table of Contents