Main

Use this list as a selection pipeline:

• Start with read-only / evidence-oriented tools.
• Prefer servers with clear licenses and transparent data sources.
• Pin versions for npx installs when rolling into production.

For each chosen MCP, record: data source, rate limits, auth requirements, and what gets logged.

README excerpt (verbatim)

Legend: 📦 Open Source  ·  🆓 Free / Has Free Tier  ·  💰 Paid / Requires Paid API

Contents

• SOCMINT
• Network Scanning
• Web Scraping
• Company Intelligence
• Threat Intelligence
• Meta / Discovery

SOCMINT

• 💰 Expose Team — AI-powered OSINT at lightspeed. Credit-based plans from $8/month.
• 📦🆓 Maigret — Collect user account information from various public sources by username.
• 📦💰 Xquik — X (Twitter) data extraction and automation with 40+ REST API endpoints, real-time account monitoring, and trending topics. MCP server with API key auth.

Network Scanning

• 📦🆓💰 Shodan — Query the Shodan API and CVEDB for IP reconnaissance, DNS operations, vulnerability tracking, and device discovery. Free tier available with limited queries, requires Shodan API key.
• 📦🆓💰 ZoomEye — Obtain network asset information by querying ZoomEye using dorks and other search parameters. 7-day free trial available, requires ZoomEye API key.
• 📦🆓 DNSTwist — DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage.
• 📦🆓 OSINT Toolkit — Unified interface for network reconnaissance with parallel execution of WHOIS, Nmap, DNS lookups, and typosquatting detection.

FAQ

Q: Is this a single MCP server? A: No—this repo is a directory of many OSINT MCP servers and tools; you choose entries to install.

Q: How do I install an entry? A: Follow each entry’s hint (often npx ... or a remote HTTP URL) and add it to your MCP client.

Q: What should I audit? A: Data sources, permissions, logging, and any credentials required by the selected server.