mcp-shodan and mcp-virustotal
Both tools are complementary for security analysis, as one provides reconnaissance and vulnerability intelligence for internet-connected devices via Shodan, while the other offers comprehensive security reports and relationship analysis for URLs, files, IPs, and domains via VirusTotal.
About mcp-shodan
BurtTheCoder/mcp-shodan
MCP server for Shodan — search internet-connected devices, IP reconnaissance, DNS lookups, and CVE/CPE vulnerability intelligence. Works with Claude Code, Codex, Gemini CLI, and Claude Desktop.
This tool helps cybersecurity analysts and IT professionals gather intelligence about internet-connected devices, IP addresses, and potential vulnerabilities. You input an IP address, domain name, product name, or a CVE identifier, and it provides structured data on network services, open ports, geographical location, and vulnerability details. It's designed for security researchers, network administrators, and incident response teams.
About mcp-virustotal
BurtTheCoder/mcp-virustotal
MCP server for VirusTotal API — analyze URLs, files, IPs, and domains with comprehensive security reports, relationship analysis, and pagination support.
This tool helps cybersecurity professionals and researchers quickly assess potential threats from URLs, files, IP addresses, and domains. It takes an indicator like a URL or file hash and provides comprehensive security reports, including detection results, network connections, and related threats. Security analysts and incident responders can use this to get a full picture of a potential threat.
Related comparisons
Scores updated daily from GitHub, PyPI, and npm data. How scores work