Shodan MCP Server

Enables to search and analyze internet-connected devices using the Shodan API, with tools for host search, DNS, scanning, exploits, alerts, and more.

→ null-create/shodan-mcp-server · listed on glama

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

✅

Open source with a license and README

Anyone can audit the code, the license is declared, and the publisher documents what it does.

🔐

You'll be asked for 1 credential: SHODAN_API_KEY

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configHOST_PORT

configHOST_ADDRESS

🔐 secretSHODAN_API_KEY— cp .env.example .env # add your

configSSL_CERTFILE

configSSL_KEYFILE

configCORS_ORIGINS

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 5 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/null-create-shodan-mcp-server-1b2bch)](https://m8ven.ai/mcp/null-create-shodan-mcp-server-1b2bch)

commit: 1d331a87cd884b3eba928bba449d36ecd5de181c

code hash: b9760c971053df7c31eb424c6e3ad43c0cb315d19765c02929b5bb1bf2366f2d

verified: 6/24/2026, 9:41:01 AM

view raw JSON →