"What is the SHODAN-MCP Server?"

"SHODAN-MCP is an interface to the Shodan API, allowing AI agents and development tools to perform device discovery, vulnerability analysis, and network mapping using the Model Context Protocol (MCP) within FlowHunt workflows."

"What are the main use cases for SHODAN-MCP?"

"SHODAN-MCP enables vulnerability discovery, host intelligence gathering, network mapping, security research, and organizational or geographic threat analysis directly from FlowHunt."

"How do I set up SHODAN-MCP in my environment?"

"Install Python 3.8+, obtain a Shodan API key, clone the SHODAN-MCP repository, and follow the client-specific configuration steps for Windsurf, Claude, Cursor, or Cline as described above."

"Is my Shodan API key secure with SHODAN-MCP?"

"Yes, you should store your API key in an environment variable as shown in the configuration instructions to keep it secure and out of source code."

"Does SHODAN-MCP provide prompt templates or explicit tool definitions?"

"No, SHODAN-MCP exposes actions such as search and vulnerability analysis as features, but does not include prompt templates or explicit MCP tool primitives in its documentation."

SHODAN MCP Server

SHODAN-MCP brings the power of Shodan’s internet-wide device search and security analytics to FlowHunt, enabling seamless AI-driven threat intelligence and vulnerability assessment.

What does “SHODAN” MCP Server do?

SHODAN-MCP is a powerful interface to the Shodan API, designed to simplify interaction with the world’s first search engine for Internet-connected devices. It provides a comprehensive set of tools for security researchers, penetration testers, and cybersecurity professionals to explore, analyze, and monitor the global internet landscape. By exposing Shodan’s capabilities through the Model Context Protocol (MCP), the SHODAN-MCP server enables AI assistants and development tools to perform advanced queries, analyze vulnerabilities, and gather host intelligence directly from the Shodan API. This integration streamlines tasks such as network mapping, vulnerability assessment, and device discovery, significantly enhancing development and research workflows involving cybersecurity intelligence.

List of Prompts

No information regarding prompt templates is provided in the repository.

List of Resources

No explicit resources section is documented in the repository.

List of Tools

No direct tool definitions are provided in the root README or visible code structure. The server appears to expose actions such as search, host information retrieval, vulnerability discovery, and DNS intelligence, but these are described as features rather than MCP tool primitives.

Use Cases of this MCP Server

Vulnerability Discovery: Find devices exposed to specific CVEs or vulnerabilities, enabling quick identification of at-risk systems on the internet.
Host Intelligence Gathering: Retrieve detailed information about any IP, including open ports, service banners, and configurations for comprehensive security analysis.
Network Mapping & Enumeration: Map out domain infrastructure, associated services, and perform reverse DNS lookups to understand organizational attack surfaces.
Security Research & Threat Assessment: Analyze exploitation risks using CVSS scores and EPSS metrics, enhancing penetration testing and vulnerability management processes.
Organization & Geographic Analysis: Break down search results by organization or geography, supporting red teaming and global threat intelligence.

How to set it up

Windsurf

Ensure Python 3.8+ and a valid Shodan API key are available.
Clone the SHODAN-MCP repository and install dependencies.

Add SHODAN-MCP as an MCP server in Windsurf’s configuration:

"mcpServers": {
  "shodan-mcp": {
    "command": "python",
    "args": ["shodan-mcp-server/main.py"]
  }
}

Save the configuration and restart Windsurf.
Verify by issuing a sample SHODAN query in the interface.

Securing API Keys

Store your API key in an environment variable:

{
  "env": {
    "SHODAN_API_KEY": "your_api_key_here"
  },
  "inputs": {}
}

Claude

Install Python 3.8+ and your Shodan API key.
Clone and set up the repository as described.
In Claude Desktop, go to Settings → Developer → Edit Config.

Add the SHODAN-MCP server:

"mcpServers": {
  "shodan-mcp": {
    "command": "python",
    "args": ["shodan-mcp-server/main.py"]
  }
}

Save and restart Claude Desktop.

Cursor

Prerequisites: Python 3.8+, Shodan API key.
Clone and install SHODAN-MCP.
Open Cursor’s MCP configuration file.

Add the server:

"mcpServers": {
  "shodan-mcp": {
    "command": "python",
    "args": ["shodan-mcp-server/main.py"]
  }
}

Save changes and restart Cursor.

Cline

Ensure Python 3.8+ and a Shodan API key are available.
Clone the repo and install dependencies.

Edit Cline’s configuration to include:

"mcpServers": {
  "shodan-mcp": {
    "command": "python",
    "args": ["shodan-mcp-server/main.py"]
  }
}

Save and restart Cline.

How to use this MCP inside flows

Using MCP in FlowHunt

To integrate MCP servers into your FlowHunt workflow, start by adding the MCP component to your flow and connecting it to your AI agent:

Click on the MCP component to open the configuration panel. In the system MCP configuration section, insert your MCP server details using this JSON format:

{
  "shodan-mcp": {
    "transport": "streamable_http",
    "url": "https://yourmcpserver.example/pathtothemcp/url"
  }
}

Once configured, the AI agent is now able to use this MCP as a tool with access to all its functions and capabilities. Remember to change “shodan-mcp” to whatever the actual name of your MCP server is and replace the URL with your own MCP server URL.

Overview

Section	Availability	Details/Notes
Overview	✅	Clear description in README.md
List of Prompts	⛔	No prompt templates documented
List of Resources	⛔	No explicit resources documented
List of Tools	⛔	Tools described as features, not as explicit MCP tools
Securing API Keys	✅	Shows .env usage and JSON env example
Sampling Support (less important in evaluation)	⛔	No sampling feature documented

Based on the above, SHODAN-MCP provides a great overview and setup guidance, but lacks documentation for prompts, resources, tools, and sampling/roots support. For a developer seeking a plug-and-play MCP with rich LLM integration patterns, it may require additional work. My rating: 4/10.

MCP Score

Has a LICENSE	✅ (MIT)
Has at least one tool	⛔
Number of Forks	1
Number of Stars	5

Frequently asked questions

What is the SHODAN-MCP Server?: SHODAN-MCP is an interface to the Shodan API, allowing AI agents and development tools to perform device discovery, vulnerability analysis, and network mapping using the Model Context Protocol (MCP) within FlowHunt workflows.
What are the main use cases for SHODAN-MCP?: SHODAN-MCP enables vulnerability discovery, host intelligence gathering, network mapping, security research, and organizational or geographic threat analysis directly from FlowHunt.
How do I set up SHODAN-MCP in my environment?: Install Python 3.8+, obtain a Shodan API key, clone the SHODAN-MCP repository, and follow the client-specific configuration steps for Windsurf, Claude, Cursor, or Cline as described above.
Is my Shodan API key secure with SHODAN-MCP?: Yes, you should store your API key in an environment variable as shown in the configuration instructions to keep it secure and out of source code.
Does SHODAN-MCP provide prompt templates or explicit tool definitions?: No, SHODAN-MCP exposes actions such as search and vulnerability analysis as features, but does not include prompt templates or explicit MCP tool primitives in its documentation.

Integrate SHODAN-MCP in FlowHunt

Unlock real-time device discovery and vulnerability analysis by connecting SHODAN-MCP to your FlowHunt flows. Enhance your security automation and threat intelligence today.

Get Started See Setup Guide

Learn more

Model Context Protocol (MCP) Server

The Model Context Protocol (MCP) Server bridges AI assistants with external data sources, APIs, and services, enabling streamlined integration of complex workfl...

Jun 18, 2025 3 min read

AI MCP +4

Search1API MCP Server

The Search1API MCP Server integrates real-time web search and crawling capabilities into AI agents via the powerful Search1API, enabling live information retrie...

Jun 18, 2025 4 min read

AI MCP Server +5

Markitdown MCP Server

The Markitdown MCP Server bridges AI assistants with markdown content, enabling automated documentation, content analysis, and markdown file management for enha...