A curated list of MCP servers for OSINT (Open Source Intelligence).
An MCP server connects tools and services to LLM systems like Claude, Cursor, Windsurf, etc.
MCP servers simplify execution of OSINT tools by combining them with the ease of LLM querying
and the ability to create flexible reports.
Legend: 📦 Open Source · 🆓 Free / Has Free Tier · 💰 Paid / Requires Paid API
- 💰 Expose Team — AI-powered OSINT at lightspeed. Credit-based plans from $8/month.
- 📦🆓 Maigret — Collect user account information from various public sources by username.
- 📦💰 Xquik — X (Twitter) data extraction and automation with 40+ REST API endpoints, real-time account monitoring, and trending topics. MCP server with API key auth.
- 📦🆓💰 Shodan — Query the Shodan API and CVEDB for IP reconnaissance, DNS operations, vulnerability tracking, and device discovery. Free tier available with limited queries, requires Shodan API key.
- 📦🆓💰 ZoomEye — Obtain network asset information by querying ZoomEye using dorks and other search parameters. 7-day free trial available, requires ZoomEye API key.
- 📦🆓 DNSTwist — DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage.
- 📦🆓 OSINT Toolkit — Unified interface for network reconnaissance with parallel execution of WHOIS, Nmap, DNS lookups, and typosquatting detection.
- 📦🆓💰 ContrastAPI — Security intelligence server with 31 tools: domain recon (DNS, WHOIS, SSL, subdomains, WAF, Wayback) plus orchestrated
audit_domain, IP reputation plus orchestratedthreat_report(Shodan + AbuseIPDB + ASN), CVE/EPSS/KEV lookup plusbulk_cve_lookup(50/call) andcve_leading(MITRE/GHSA pre-NVD), IOC enrichment plusbulk_ioc_lookup(50/call), threat intel, username OSINT, exploit search,check_dependencies(requirements.txt / package.json audit), and code security scanning. Free tier: 100 req/hr. Pro: 1000 req/hr with API key.
- 🆓💰 AnySite — Structured data access to 115+ endpoints across 40+ platforms (LinkedIn, Instagram, X, Reddit, YouTube, GitHub, Amazon, etc.) via five meta-tools. 7-day free trial with 1,000 credits.
- 📦🆓💰 Bright Data — Real-time web search, scraping, and structured data extraction from 60+ sources (Amazon, LinkedIn, TikTok, Google Maps, etc.) with CAPTCHA and anti-bot bypass. Free tier: 5,000 requests/month.
- 📦🆓💰 CompanyScope — Company intelligence aggregating data from 8 public sources (Wikipedia, SEC EDGAR, OpenCorporates, RDAP, GitHub, and more) for corporate reconnaissance. Free tier 25 calls/day, pay-per-use tier on Apify.
- 📦🆓 StockScope — SEC EDGAR financial intelligence for stock research. Revenue, net income, margins, filings, and company comparisons for any US public company. Free, no API key needed.
- 📦💰 US Business Data — Search Secretary of State business registrations across 17 US states, building permits in 400+ cities, and Yellow Pages business leads. Returns entity details, filing status, and registered agents.
- 📦🆓 VirusTotal — Analyze URLs, files (by hash), IPs, and domains with detailed relationship mapping. Free API tier available, requires
VIRUSTOTAL_API_KEY.
- 🆓 Not Human Search — Agent-first discovery engine for MCP servers. Search, score, and live-probe (
verify_mcp) 8,600+ servers via JSON-RPC or REST API. Useful for pivoting between OSINT MCP tools. MCP: https://nothumansearch.ai/mcp
Contributions are welcome! Please open a pull request to add a new OSINT MCP server to the list.