awesome-osint-mcp-servers
Health Pass
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 97 GitHub stars
Code Warn
- Code scan incomplete — No supported source files were scanned during light audit
Permissions Pass
- Permissions — No dangerous permissions requested
This is a curated list of OSINT (Open-Source Intelligence) MCP servers. It serves as a directory to help users discover various third-party tools for integrating network scanning, social media reconnaissance, and threat intelligence directly into AI systems.
Security Assessment
Because this repository is an awesome-list (a collection of links and documentation) rather than a software package, no application code was scanned. The repository itself does not execute code, request dangerous permissions, or contain hardcoded secrets. However, the linked third-party tools it catalogs are designed specifically for aggressive network reconnaissance, DNS fuzzing, and OSINT data gathering. The overall risk of the list itself is Low, but utilizing the third-party tools it links to carries an inherent risk depending on how those external applications are configured and used.
Quality Assessment
The project is an actively maintained resource, with its most recent updates happening today. It utilizes the highly permissive MIT license and has garnered 97 GitHub stars, indicating a solid baseline of community interest and trust. While the repository quality is good, users must independently evaluate the unmaintained or unknown security postures of the individual tools linked within the list.
Verdict
Safe to use as a reference directory, but use the linked third-party intelligence tools with caution.
A curated list of OSINT MCP servers. Pull requests are welcomed!
Awesome OSINT MCP Servers
An MCP (Model Context Protocol) server connects tools and services to LLM-systems like Claude, Cursor, Windsurf, etc. When you request a task through the LLM, the MCP server engages the appropriate tool to perform it automatically.
MCP servers simplify the execution of a large number of OSINT tools, especially console-based ones, by combining it with the ease of querying in LLM and the ability to create flexible reports in LLM output.
SOCMINT
Expose Team
Expose Team – AI-Powered OSINT at Lightspeed.
Maigret
Maigret - A powerful OSINT tool that collects user account information from various public sources
Xquik
Xquik - X/Twitter OSINT platform — MCP server with user lookup, follower extraction, engagement analysis, account monitoring, giveaway draws.
Network Scanning
Shodan
Shodan - A Model Context Protocol (MCP) server for querying the Shodan API and Shodan CVEDB. This server provides comprehensive access to Shodan's network intelligence and security services, including IP reconnaissance, DNS operations, vulnerability tracking, and device discovery.
ZoomEye
ZoomEye - A tool to obtain network asset information by querying ZoomEye using dorks and other search parameters.
DNSTwist
DNSTwist - A powerful DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage.
OSINT Toolkit
OSINT Toolkit - A unified interface for network reconnaissance with parallel execution of OSINT tools including WHOIS, Nmap, DNS lookups, and typosquatting detection for security researchers and network administrators.
ContrastAPI
ContrastAPI - Security intelligence MCP server with 20 tools: domain recon (DNS, WHOIS, SSL, subdomains), IP reputation, CVE/EPSS lookup, IOC enrichment (ThreatFox, MalwareBazaar), phishing URL check, and code security scanning. Free, no API key required.
Other
VirusTotal
VirusTotal - Tools to analyze URLs, files (by hash), IP, Domain, and get relationships for detailed analysys.VIRUSTOTAL_API_KEY is needed
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found