SHODAN MCP Server

SHODAN-MCP brings the power of Shodan’s internet-wide device search and security analytics to FlowHunt, enabling seamless AI-driven threat intelligence and vulnerability assessment.

Cybersecurity AI Tools MCP Integration Threat Intelligence +2 more
SHODAN MCP Server

What does “SHODAN” MCP Server do?

SHODAN-MCP is a powerful interface to the Shodan API, designed to simplify interaction with the world’s first search engine for Internet-connected devices. It provides a comprehensive set of tools for security researchers, penetration testers, and cybersecurity professionals to explore, analyze, and monitor the global internet landscape. By exposing Shodan’s capabilities through the Model Context Protocol (MCP), the SHODAN-MCP server enables AI assistants and development tools to perform advanced queries, analyze vulnerabilities, and gather host intelligence directly from the Shodan API. This integration streamlines tasks such as network mapping, vulnerability assessment, and device discovery, significantly enhancing development and research workflows involving cybersecurity intelligence.

List of Prompts

No information regarding prompt templates is provided in the repository.

List of Resources

No explicit resources section is documented in the repository.

List of Tools

No direct tool definitions are provided in the root README or visible code structure. The server appears to expose actions such as search, host information retrieval, vulnerability discovery, and DNS intelligence, but these are described as features rather than MCP tool primitives.

Use Cases of this MCP Server

  • Vulnerability Discovery: Find devices exposed to specific CVEs or vulnerabilities, enabling quick identification of at-risk systems on the internet.
  • Host Intelligence Gathering: Retrieve detailed information about any IP, including open ports, service banners, and configurations for comprehensive security analysis.
  • Network Mapping & Enumeration: Map out domain infrastructure, associated services, and perform reverse DNS lookups to understand organizational attack surfaces.
  • Security Research & Threat Assessment: Analyze exploitation risks using CVSS scores and EPSS metrics, enhancing penetration testing and vulnerability management processes.
  • Organization & Geographic Analysis: Break down search results by organization or geography, supporting red teaming and global threat intelligence.

How to set it up

Windsurf

  1. Ensure Python 3.8+ and a valid Shodan API key are available.
  2. Clone the SHODAN-MCP repository and install dependencies.
  3. Add SHODAN-MCP as an MCP server in Windsurf’s configuration:
    "mcpServers": {
  "shodan-mcp": {
    "command": "python",
    "args": ["shodan-mcp-server/main.py"]
  }
}
  4. Save the configuration and restart Windsurf.
  5. Verify by issuing a sample SHODAN query in the interface.

Securing API Keys

Store your API key in an environment variable:

{
  "env": {
    "SHODAN_API_KEY": "your_api_key_here"
  },
  "inputs": {}
}

Claude

  1. Install Python 3.8+ and your Shodan API key.
  2. Clone and set up the repository as described.
  3. In Claude Desktop, go to Settings → Developer → Edit Config.
  4. Add the SHODAN-MCP server:
    "mcpServers": {
  "shodan-mcp": {
    "command": "python",
    "args": ["shodan-mcp-server/main.py"]
  }
}
  5. Save and restart Claude Desktop.

Cursor

  1. Prerequisites: Python 3.8+, Shodan API key.
  2. Clone and install SHODAN-MCP.
  3. Open Cursor’s MCP configuration file.
  4. Add the server:
    "mcpServers": {
  "shodan-mcp": {
    "command": "python",
    "args": ["shodan-mcp-server/main.py"]
  }
}
  5. Save changes and restart Cursor.

Cline

  1. Ensure Python 3.8+ and a Shodan API key are available.
  2. Clone the repo and install dependencies.
  3. Edit Cline’s configuration to include:
    "mcpServers": {
  "shodan-mcp": {
    "command": "python",
    "args": ["shodan-mcp-server/main.py"]
  }
}
  4. Save and restart Cline.

How to use this MCP inside flows

Using MCP in FlowHunt

To integrate MCP servers into your FlowHunt workflow, start by adding the MCP component to your flow and connecting it to your AI agent:

FlowHunt MCP flow

Click on the MCP component to open the configuration panel. In the system MCP configuration section, insert your MCP server details using this JSON format:

{
  "shodan-mcp": {
    "transport": "streamable_http",
    "url": "https://yourmcpserver.example/pathtothemcp/url"
  }
}

Once configured, the AI agent is now able to use this MCP as a tool with access to all its functions and capabilities. Remember to change “shodan-mcp” to whatever the actual name of your MCP server is and replace the URL with your own MCP server URL.

Overview

SectionAvailabilityDetails/Notes
OverviewClear description in README.md
List of PromptsNo prompt templates documented
List of ResourcesNo explicit resources documented
List of ToolsTools described as features, not as explicit MCP tools
Securing API KeysShows .env usage and JSON env example
Sampling Support (less important in evaluation)No sampling feature documented

Based on the above, SHODAN-MCP provides a great overview and setup guidance, but lacks documentation for prompts, resources, tools, and sampling/roots support. For a developer seeking a plug-and-play MCP with rich LLM integration patterns, it may require additional work. My rating: 4/10.

MCP Score

Has a LICENSE✅ (MIT)
Has at least one tool
Number of Forks1
Number of Stars5

Frequently asked questions

What is the SHODAN-MCP Server?

SHODAN-MCP is an interface to the Shodan API, allowing AI agents and development tools to perform device discovery, vulnerability analysis, and network mapping using the Model Context Protocol (MCP) within FlowHunt workflows.

What are the main use cases for SHODAN-MCP?

SHODAN-MCP enables vulnerability discovery, host intelligence gathering, network mapping, security research, and organizational or geographic threat analysis directly from FlowHunt.

How do I set up SHODAN-MCP in my environment?

Install Python 3.8+, obtain a Shodan API key, clone the SHODAN-MCP repository, and follow the client-specific configuration steps for Windsurf, Claude, Cursor, or Cline as described above.

Is my Shodan API key secure with SHODAN-MCP?

Yes, you should store your API key in an environment variable as shown in the configuration instructions to keep it secure and out of source code.

Does SHODAN-MCP provide prompt templates or explicit tool definitions?

No, SHODAN-MCP exposes actions such as search and vulnerability analysis as features, but does not include prompt templates or explicit MCP tool primitives in its documentation.

Integrate SHODAN-MCP in FlowHunt

Unlock real-time device discovery and vulnerability analysis by connecting SHODAN-MCP to your FlowHunt flows. Enhance your security automation and threat intelligence today.

Get Started See Setup Guide

Learn more