mcp-shodan and mcp-security-hub
These are complements: the Shodan server provides reconnaissance data (device discovery, CVE intelligence) that feeds into the security-hub's offensive tools (Nmap, Nuclei, SQLMap) for downstream exploitation and vulnerability assessment.
About mcp-shodan
BurtTheCoder/mcp-shodan
MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and CVE/CPE vulnerability intelligence. Works with Claude Code, Codex, Gemini CLI, and Claude Desktop.
Implements the Model Context Protocol (MCP) via stdio transport with seven specialized tools—IP lookup, device search, CVE/CPE queries, and DNS resolution—each returning structured JSON for programmatic analysis. Built as an npm package that integrates directly into Claude Desktop, Claude Code, Codex CLI, and Gemini CLI through configuration-based server registration, leveraging Shodan's CVEDB for enriched vulnerability data including CVSS, EPSS, and KEV status tracking.
About mcp-security-hub
FuzzingLabs/mcp-security-hub
A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.
Implements 38 modular MCP servers as production-hardened Docker containers that expose 300+ security tools through a unified natural-language interface to Claude and other AI clients. Each server wraps tools like Nuclei, SQLMap, and Radare2 with stdio transport, enabling multi-tool workflows via Docker Compose orchestration while maintaining security posture through non-root containers and automated Trivy vulnerability scanning. Supports both global Claude Desktop configuration and project-level `.mcp.json` deployments with volume mounting for file access.
Related comparisons
Scores updated daily from GitHub, PyPI, and npm data. How scores work