Shodan MCP (Vorota-ai)
Shodan MCP server with 20 tools for passive recon, CVE/CPE intel, and DNS analysis; 4 tools work without an API key.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Shodan MCP (Vorota-ai), derived from its capabilities.
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.
Overview
Vorota-ai's Shodan MCP gives AI agents like Claude, Cursor, and Copilot 20 tools spanning passive reconnaissance, CVE/CPE vulnerability intelligence, DNS analysis, and device search. Four tools function free without a Shodan API key, lowering the barrier for OSINT and vuln research from the IDE. As a recon tool it has an attack-surface and credential-handling security surface.
Key features
- 20 recon/CVE/CPE/DNS tools
- 4 tools usable free with no API key
- IDE-native OSINT and vuln research
Use cases
- OSINT reconnaissance from a coding agent
- Map CVE/CPE exposure of discovered hosts