
Security research often involves sifting through digital noise to find needles in a haystack.

In our research, we discovered a total of 1,862 MCP servers exposed to the internet. From that set, we sampled 119 for manual verification. All 119 servers allowed access to internal tool listings without authentication. Read more about how we found the servers in our blog here.

Manually searching Shodan for hundreds of query variations and validating each potential target would have taken months. It's a soul-crushing exercise in repetition that's prone to human error. To tackle this, we experimented with how less programming-savvy attackers might approach the problem, and did a little vibe coding.

We used Claude Sonnet 4 for this research. We chose it specifically for its strong reasoning skills, powerful coding abilities, and large context window, which allows it to remember the entire conversation and the state of the code. 

The development of our mcp_scanner.py script began with a detailed, high-level prompt that established our intent: 

"I need a sophisticated, asynchronous Python script to discover MCP servers using the 'shodan' and 'asyncio' libraries. It should be structured as a class, MCPServerScanner. The class needs to take a Shodan API key and a list of over 100 query strings. Its primary method will iterate through these queries, making concurrent API calls to Shodan, and collect all unique IP:Port results into a single list, ensuring there are no duplicates. It also needs robust error handling for common Shodan API failures, network timeouts, and rate limits, with a built-in retry mechanism with exponential backoff. The final output should be a clean list of potential targets."

Claude provided the class structure, asynchronous function definitions, basic loops, and API call logic. After we had the structure, we worked on refining the output. The conversation went something like this:

  • Human: "This is great. Now, let's add a function to save the final results to a timestamped CSV file. The columns should be IP, Port, and the Shodan filter that found it."
  • Claude: (Generates the CSV writing function.)
  • Human: "Good, but let's make it more robust. Wrap the file I/O in a try...except block to handle potential write errors. Also, let's add logging using Python's logging module to track which filters are being run and how many results each one yields."
  • Claude: (Refactors the code to include error handling and detailed logging.)
  • Human: "Let's think about organization. The list of 100+ Shodan filters is getting unwieldy. Let's move it into a separate configuration file, maybe a simple text file, that the script reads on startup."
  • Claude: (Generates the code to read filters from an external file.)
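Below is an added example, written for this page and not Knostic's own mcp_scanner.py, of the shape the prompt and the three follow-up requests describe: an asynchronous MCPServerScanner that runs a list of Shodan filters concurrently under a semaphore, deduplicates IP:Port hits while remembering which filter found each one, retries transient failures with jittered exponential backoff, logs per-filter counts, reads its filters from a plain text file, and writes a timestamped CSV with I/O errors caught. The Shodan call is injected as an async function so the block runs offline: FakeShodan, DEMO_HITS (documentation-range addresses, not real hosts), TransientSearchError and validate_target are all assumptions for this example. validate_target is the one addition the original conversation did not ask for: it treats Shodan's output as untrusted external data and drops anything that is not a parseable IP and a port in 1..65535 before it reaches the CSV.

```python
from __future__ import annotations
import asyncio
import csv
import ipaddress
import logging
import random
from datetime import datetime, timezone
from pathlib import Path
from typing import Awaitable, Callable, Iterable

log = logging.getLogger("mcp_scanner")

# A search function maps one Shodan query to the API's result dict, i.e.
# {"matches": [{"ip_str": "...", "port": N}, ...]}; injecting it lets the demo run offline.
SearchFn = Callable[[str], Awaitable[dict]]


class TransientSearchError(Exception):
    """Rate limit, timeout or similar failure that is worth retrying (assumed name)."""


def load_filters(path: Path) -> list[str]:
    """One Shodan query per line; blank lines and '#' comments are ignored."""
    lines = path.read_text(encoding="utf-8").splitlines()
    return [ln.strip() for ln in lines if ln.strip() and not ln.lstrip().startswith("#")]


def validate_target(match: dict) -> tuple[str, int] | None:
    """Shodan output is external data: keep only a parseable IP and a sane port."""
    try:
        ip, port = ipaddress.ip_address(match["ip_str"]), int(match["port"])
    except (KeyError, ValueError, TypeError):
        return None
    return (str(ip), port) if 1 <= port <= 65535 else None


class MCPServerScanner:
    def __init__(self, search: SearchFn, filters: Iterable[str], concurrency: int = 5,
                 max_attempts: int = 4, base_delay: float = 0.01) -> None:
        self.search, self.filters = search, list(filters)
        self.sem = asyncio.Semaphore(concurrency)       # bound concurrent API calls
        self.max_attempts, self.base_delay = max_attempts, base_delay
        self.results: dict[tuple[str, int], str] = {}  # (ip, port) -> filter that found it first

    async def _search_with_retry(self, query: str) -> list[dict]:
        for attempt in range(1, self.max_attempts + 1):
            try:
                async with self.sem:
                    return (await self.search(query)).get("matches", [])
            except TransientSearchError as exc:
                if attempt == self.max_attempts:
                    log.error("giving up on %r after %d attempts: %s", query, attempt, exc)
                    return []
                delay = self.base_delay * 2 ** (attempt - 1) * (1 + random.random())  # jittered backoff
                log.warning("attempt %d for %r failed (%s); retrying in %.3fs", attempt, query, exc, delay)
                await asyncio.sleep(delay)

    async def _run_query(self, query: str) -> None:
        matches = await self._search_with_retry(query)
        new = 0
        for target in map(validate_target, matches):
            if target is not None and target not in self.results:  # dedupe across filters
                self.results[target] = query
                new += 1
        log.info("filter %r: %d matches, %d new targets", query, len(matches), new)

    async def run(self) -> list[tuple[str, int, str]]:
        await asyncio.gather(*(self._run_query(q) for q in self.filters))
        return sorted((ip, port, q) for (ip, port), q in self.results.items())

    def write_csv(self, out_dir: Path) -> Path:
        """Timestamped CSV with columns IP, Port and the Shodan filter that found the target."""
        path = out_dir / f"mcp_targets_{datetime.now(timezone.utc):%Y%m%dT%H%M%SZ}.csv"
        try:
            with path.open("w", newline="", encoding="utf-8") as fh:
                writer = csv.writer(fh)
                writer.writerow(["ip", "port", "shodan_filter"])
                writer.writerows(sorted((ip, port, q) for (ip, port), q in self.results.items()))
        except OSError as exc:
            log.error("could not write %s: %s", path, exc)
            raise
        return path


class FakeShodan:
    """Constructed stand-in for the Shodan API; first call for a query in fail_first is rate-limited."""
    def __init__(self, hits: dict[str, list[dict]], fail_first: set[str]) -> None:
        self.hits, self.fail_first, self.calls = hits, fail_first, {}

    async def search(self, query: str) -> dict:
        self.calls[query] = self.calls.get(query, 0) + 1
        if query in self.fail_first and self.calls[query] == 1:
            raise TransientSearchError("429 rate limited")
        return {"matches": self.hits.get(query, [])}


DEMO_HITS = {  # constructed sample data: documentation-range addresses, not real hosts
    'http.title:"MCP"': [{"ip_str": "203.0.113.10", "port": 8080}, {"ip_str": "203.0.113.11", "port": 3000}],
    'http.html:"mcp-server"': [{"ip_str": "203.0.113.10", "port": 8080},   # duplicate of the first hit
                               {"ip_str": "not-an-ip", "port": 80}, {"ip_str": "203.0.113.12", "port": 70000}],
}


def demo() -> tuple[list[tuple[str, int, str]], dict[str, int]]:
    """Run the scanner against the fake API; returns (deduplicated targets, API calls per query)."""
    fake = FakeShodan(DEMO_HITS, fail_first={'http.html:"mcp-server"'})
    return asyncio.run(MCPServerScanner(fake.search, DEMO_HITS).run()), fake.calls


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    print(demo())
```

Against the fake, the two filters yield four distinct-looking hits but only two valid, unique targets: the duplicate is collapsed and attributed to the filter that found it first, the non-IP and the out-of-range port are discarded, and the rate-limited filter is retried once. To run it for real, wrap the synchronous shodan client (shodan.Shodan(api_key).search(query)) in asyncio.to_thread and translate shodan.APIError into TransientSearchError; the semaphore then keeps the number of in-flight requests under the plan's rate limit rather than relying on retries alone.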

This approach enabled us to accelerate the research significantly. We developed two purpose-built tools: mcp_scanner.py for discovery and mcp_func_checker.py for verification.

Unlike true vibe coding, this was never a blind "copy-paste." A human from the Knostic team was always in the loop. Every single line of code generated by the AI was reviewed for logical accuracy, potential security vulnerabilities (like command injection or improper handling of external data), and adherence to Python best practices. While AI accelerated the process, human expertise provided critical oversight, architectural direction, and quality assurance to ensure a working tool.

What would have required several months using traditional development methods was instead completed in a short experimental cycle. This allowed us to spend less time on routine coding and more time on the high-level analysis that truly mattered. 

To learn more about how we discovered MCP servers, see our blog:

  • How to Find an MCP Server with Shodan
  • Automating MCP Server Discovery with Claude Sonnet 4
  • Using the official MCP Inspector tool to connect to an exposed, unauthenticated MCP server

To explore our methodology in more detail, see this technical walk-through:

To learn more about MCP itself and how to secure agent infrastructure, read:
