Shodan

live SecurityDeveloper

Host recon via the full Shodan API — open ports, services, CVEs, and host search. BYO key.

3 tools
0ms auth
free tier 50 calls/day

Tools

shodan_host

What's exposed on IP <ip> — open ports, services, and CVEs. Returns the full Shodan host profile: ports, hostnames, org/ISP, geolocation, OS, known vulnerabilities, and a per-service banner sample. Ex

No parameters required.

Try it
shodan_host_count

Count hosts matching <query> with facet breakdown (free — this endpoint does not consume query credits). Returns the total match count plus optional facet aggregations (e.g. top countries, orgs, ports

No parameters required.

Try it

Test with curl

The gateway speaks JSON-RPC 2.0 over HTTP POST. You can test any pack directly from the terminal.

List available tools
bash
curl -X POST https://gateway.pipeworx.io/shodan/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'
Call a tool
bash
curl -X POST https://gateway.pipeworx.io/shodan/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"shodan_host","arguments":{}}}'

Use with the SDK

Install @pipeworx/sdk to call tools from any TypeScript/Node project.

TypeScript
import { Pipeworx } from '@pipeworx/sdk';
const px = new Pipeworx();
const result = await px.call("shodan_host", {});
ask_pipeworx
// Or ask in plain English:
const answer = await px.ask("host recon via the full shodan api — open ports, services, cves, and host search");