Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

Sec Shodan

БесплатноНе проверен

Provides access to Shodan's IoT search engine API for device search, host intelligence, exploit database, network scanning, and security analysis through natura

GitHubEmbed

Описание

Provides access to Shodan's IoT search engine API for device search, host intelligence, exploit database, network scanning, and security analysis through natural language.

README

A Model Context Protocol (MCP) server that provides comprehensive access to the Shodan IoT search engine API. This enables AI assistants to perform network reconnaissance, vulnerability research, and security analysis using Shodan's powerful search capabilities.

Features

  • Device Search: Search the Shodan database for internet-connected devices using powerful query syntax
  • Host Intelligence: Get detailed information about specific IP addresses including open ports, services, and vulnerabilities
  • Exploit Database: Search Shodan's exploit database covering CVE, Exploit-DB, and Metasploit
  • Network Scanning: Request on-demand scans of IP addresses and network ranges
  • Network Monitoring: Create alerts to monitor IP ranges for changes
  • DNS Operations: Perform forward and reverse DNS lookups, enumerate subdomains
  • Honeypot Detection: Identify potential honeypots using Shodan's honeyscore algorithm

Prerequisites

Installation

# Clone the repository
git clone https://github.com/schwarztim/sec-shodan-mcp.git
cd sec-shodan-mcp

# Install dependencies
npm install

# Build the project
npm run build

Configuration

Claude Desktop

Add to your Claude Desktop configuration file:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json Windows: %APPDATA%\Claude\claude_desktop_config.json Linux: ~/.config/claude/claude_desktop_config.json

{
  "mcpServers": {
    "shodan": {
      "command": "node",
      "args": ["/path/to/sec-shodan-mcp/dist/index.js"],
      "env": {
        "SHODAN_API_KEY": "your-api-key-here"
      }
    }
  }
}

Claude Code

Add to ~/.claude/user-mcps.json:

{
  "mcpServers": {
    "shodan": {
      "command": "node",
      "args": ["/path/to/sec-shodan-mcp/dist/index.js"],
      "env": {
        "SHODAN_API_KEY": "your-api-key-here"
      }
    }
  }
}

Available Tools

Search & Discovery

Tool Description
shodan_search Search Shodan for devices matching a query with filters like port:, country:, org:, product:, vuln:
shodan_host Get all information about a specific IP including ports, services, banners, vulnerabilities, and SSL certificates
shodan_count Count search results without consuming query credits

Exploits Database

Tool Description
shodan_exploits_search Search for exploits by CVE, author, platform, type, or port
shodan_exploits_count Count matching exploits without returning individual results

Network Scanning

Tool Description
shodan_scan Request on-demand scan of IP addresses or CIDR ranges
shodan_scan_status Check the status of a previously submitted scan
shodan_list_scans List all active on-demand scans

Network Alerts

Tool Description
shodan_alert_create Create monitoring alerts for IP ranges
shodan_alert_list List all active network alerts
shodan_alert_get Get details for a specific alert
shodan_alert_delete Delete a network alert
shodan_alert_triggers List available alert trigger types

DNS Operations

Tool Description
shodan_dns_resolve Resolve hostnames to IP addresses (forward DNS)
shodan_dns_reverse Look up hostnames for IP addresses (reverse DNS)
shodan_dns_domain Get DNS information for a domain including subdomains

Security Analysis

Tool Description
shodan_honeyscore Calculate probability that an IP is a honeypot (0.0 to 1.0)

Utility

Tool Description
shodan_ports List all ports that Shodan crawls
shodan_protocols List protocols available for on-demand scanning
shodan_filters List all search filters available in Shodan
shodan_facets List facets available for search result breakdowns
shodan_api_info Get API plan info including query and scan credits
shodan_account_profile Get account information for the API key
shodan_myip Get your current public IP address

Query Library

Tool Description
shodan_saved_queries Browse the directory of saved search queries
shodan_search_queries Search the saved query directory

Usage Examples

Search for Devices

# Find Apache servers in the United States
shodan_search: query="apache country:US"

# Find open SSH servers
shodan_search: query="port:22 product:openssh"

# Find devices vulnerable to Log4Shell
shodan_search: query="vuln:CVE-2021-44228"

# Find webcams with screenshots
shodan_search: query="webcam has_screenshot:true"

# Find industrial control systems
shodan_search: query="tag:ics"

# Find devices by organization
shodan_search: query="org:\"Google LLC\""

Get Host Information

# Get details about a specific IP
shodan_host: ip="8.8.8.8"

# Include historical data
shodan_host: ip="8.8.8.8" history=true

Search Exploits

# Search for Log4j exploits
shodan_exploits_search: query="log4j"

# Find exploits by CVE
shodan_exploits_search: query="cve:CVE-2021-44228"

# Find Metasploit modules
shodan_exploits_search: query="source:metasploit"

DNS Operations

# Resolve hostnames
shodan_dns_resolve: hostnames="google.com,github.com"

# Reverse DNS lookup
shodan_dns_reverse: ips="8.8.8.8,1.1.1.1"

# Get domain information
shodan_dns_domain: domain="example.com"

API Credits

Different Shodan API plans have different credit limits:

  • Free accounts: Limited search queries per month
  • Search with pagination: Consumes query credits
  • shodan_count: Does NOT consume credits (use for scoping)
  • On-demand scanning: Consumes scan credits (1 credit per IP)
  • Some filters (like vuln:) require paid plans

Check your current credits with shodan_api_info.

Development

# Run in development mode
npm run dev

# Build for production
npm run build

# Start the server
npm start

Security Notice

This tool is intended for legitimate security research, penetration testing (with authorization), and network defense purposes. Always ensure you have proper authorization before scanning or probing systems you do not own.

Resources

License

MIT License - see LICENSE for details.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

from github.com/schwarztim/sec-shodan-mcp

Установка Sec Shodan

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/schwarztim/sec-shodan-mcp

FAQ

Sec Shodan MCP бесплатный?

Да, Sec Shodan MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для Sec Shodan?

Нет, Sec Shodan работает без API-ключей и переменных окружения.

Sec Shodan — hosted или self-hosted?

Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.

Как установить Sec Shodan в Claude Desktop, Claude Code или Cursor?

Открой Sec Shodan на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare Sec Shodan with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории data