playbooks
Learn Rules MCPs Modes
AI Image Editor
Log in

Shodan MCP server

Access Shodan API and CVEDB to query IoT device data and vulnerability information.
Back to servers
Provider
BurtTheCoder
Release date
Dec 12, 2024
Language
TypeScript
Package
npm
Stats
3.6K downloads
33 stars
View on GitHub

This MCP server provides a convenient way to access Shodan's network intelligence and security services through Claude Desktop. It offers tools for IP reconnaissance, DNS operations, vulnerability tracking, and device discovery with structured outputs for easy analysis.

Installation

Quick Setup with Smithery

The simplest way to install the Shodan MCP server:

npx -y @smithery/cli install @burtthecoder/mcp-shodan --client claude

Manual Installation

  1. Install the server globally via npm:
npm install -g @burtthecoder/mcp-shodan
  1. Add to your Claude Desktop configuration file:
{
  "mcpServers": {
    "shodan": {
      "command": "mcp-shodan",
      "env": {
        "SHODAN_API_KEY": "your-shodan-api-key"
      }
    }
  }
}

Configuration file location:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
  1. Restart Claude Desktop

Alternative Setup (From Source)

If you prefer to run from source:

  1. Clone and build:
git clone https://github.com/BurtTheCoder/mcp-shodan.git
cd mcp-shodan
npm install
npm run build
  1. Add to your Claude Desktop configuration:
{
  "mcpServers": {
    "shodan": {
      "command": "node",
      "args": ["/absolute/path/to/mcp-shodan/build/index.js"],
      "env": {
        "SHODAN_API_KEY": "your-shodan-api-key"
      }
    }
  }
}

Available Tools

IP Lookup Tool

Retrieves comprehensive information about an IP address.

  • Tool name: ip_lookup
  • Parameters:
    • ip (required): IP address to lookup
  • Returns: IP information, location, services, cloud provider details, hostnames, and tags

Shodan Search Tool

Search Shodan's database of internet-connected devices.

  • Tool name: shodan_search
  • Parameters:
    • query (required): Shodan search query
    • max_results (optional, default: 10): Number of results to return
  • Returns: Search summary, country-based distribution, and detailed device information

CVE Lookup Tool

Query detailed vulnerability information from Shodan's CVEDB.

  • Tool name: cve_lookup
  • Parameters:
    • cve (required): CVE identifier in format CVE-YYYY-NNNNN (e.g., CVE-2021-44228)
  • Returns: Vulnerability details, severity scores, impact assessment, affected products, and references

DNS Lookup Tool

Resolve domain names to IP addresses using Shodan's DNS service.

  • Tool name: dns_lookup
  • Parameters:
    • hostnames (required): Array of hostnames to resolve
  • Returns: DNS resolutions mapping hostnames to IPs and summary information

Reverse DNS Lookup Tool

Perform reverse DNS lookups to find hostnames associated with IP addresses.

  • Tool name: reverse_dns_lookup
  • Parameters:
    • ips (required): Array of IP addresses to lookup
  • Returns: Reverse DNS resolutions mapping IPs to hostnames and summary information

CPE Lookup Tool

Search for Common Platform Enumeration (CPE) entries by product name.

  • Tool name: cpe_lookup
  • Parameters:
    • product (required): Name of the product to search for
    • count (optional, default: false): If true, returns only the count of matching CPEs
    • skip (optional, default: 0): Number of CPEs to skip (for pagination)
    • limit (optional, default: 1000): Maximum number of CPEs to return
  • Returns: Either total count of matching CPEs or list of CPEs with pagination details

CVEs by Product Tool

Search for vulnerabilities affecting specific products or CPEs.

  • Tool name: cves_by_product
  • Parameters:
    • cpe23 (optional): CPE 2.3 identifier (format: cpe:2.3:part:vendor:product:version)
    • product (optional): Name of the product to search for CVEs
    • count (optional, default: false): If true, returns only the count of matching CVEs
    • is_kev (optional, default: false): If true, returns only CVEs with KEV flag set
    • sort_by_epss (optional, default: false): If true, sorts CVEs by EPSS score
    • skip (optional, default: 0): Number of CVEs to skip (for pagination)
    • limit (optional, default: 1000): Maximum number of CVEs to return
    • start_date (optional): Start date for filtering CVEs (format: YYYY-MM-DDTHH:MM:SS)
    • end_date (optional): End date for filtering CVEs (format: YYYY-MM-DDTHH:MM:SS)
  • Note: Must provide either cpe23 or product, but not both
  • Returns: Query information, results summary, and detailed vulnerability information

Requirements

Troubleshooting

API Key Issues

If you encounter API key related errors:

  1. Verify your API key:

    • Must be a valid Shodan API key from your account settings
    • Ensure the key has sufficient credits/permissions
    • Check for extra spaces or quotes around the key
    • Verify the key is correctly set in the environment variable

  2. Common error codes:

    • 401 Unauthorized: Invalid API key or missing authentication
    • 402 Payment Required: Out of query credits
    • 429 Too Many Requests: Rate limit exceeded

  3. Steps to configure your API key:

    • Get your API key from Shodan Account
    • Add it to your configuration file
    • Save the config file
    • Restart Claude Desktop

  4. To test your key:

    • Try a simple query first (e.g., dns_lookup for "google.com")
    • Check your Shodan account dashboard for credit status
    • Verify the key works directly with curl: 
      curl "https://api.shodan.io/dns/resolve?hostnames=google.com&key=your-api-key"

Module Loading Issues

If you see module loading errors:

  1. For global installation: Use the simple configuration shown in Quick Start
  2. For source installation: Ensure you're using Node.js v18 or later

How to add this MCP server to Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > MCP and click "Add new global MCP server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "cursor-rules-mcp": {
            "command": "npx",
            "args": [
                "-y",
                "cursor-rules-mcp"
            ]
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.

You can also explictly ask the agent to use the tool by mentioning the tool name and describing what the function does.

Want to 10x your AI skills?

Get a free account and learn to code + market your apps using AI (with or without vibes!).

Nah, maybe later