Censys MCP for AI Agents. Map Internet Attack Surface and Discover Exposed Services
Censys allows your AI agent to explore the world's largest internet scanning platform. You can discover exposed services, analyze SSL certificates, and map an organization's full attack surface by querying internet-facing hosts, ports, and infrastructure changes.
Claude 
ChatGPT 
Cursor 
Gemini 
Windsurf 
VS Code 
JetBrains 
Vercel Give Claude and any AI agent real-world access
Search the entire internet-facing landscape by service, port number, operating system, or geographical location.
Retrieve detailed information on any IP address, including all open ports, services, certificates, and a timeline of how the host's profile has changed.
Find specific certificate details by fingerprint or search for expiring certificates issued by certain authorities.
Compare two different hosts to pinpoint exactly what services, ports, or OS features have changed between them.
Group search results by fields like country or autonomous system name to understand the overall distribution of exposed infrastructure.
Ask an AI about this
Waiting for input…
What AI agents can do with 9 Tools in Censys MCP for Network Security Analysis
Use these tools to query, compare, and aggregate network data across millions of exposed hosts and certificates.
Make your AI actually useful.
Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.
Start using Censys MCPAggregate Hosts
Groups search results by fields like country or port to calculate counts, showing the distribution of exposed services or infrastructure...
Get Account Info
Checks your remaining API quota and account limits so you know when you need to top...
Get Certificate
Pulls all detailed data for a specific certificate, including its issuer, validity...
Get Certificate Hosts
Finds every host (IP address) that is using a particular SSL/TLS certificate...
Get Host
Gets all open ports, service banner text, TLS certificates, OS detection, and...
Get Host History
Shows a timeline of how an IP's services, ports, and certificates have changed over time, marking all observed modifications.
Search Certificates
Searches for SSL/TLS certificates using criteria like issuer names, subject fields, or specific validity dates.
Search Hosts
Performs powerful searches on internet-connected hosts using services (e.g., 'ssh')...
View Host Diff
Compares two different IP addresses to highlight infrastructure differences, making...
Security and governance baked right in.
Pick your AI client below to get set up. Just create a Vinkius account, subscribe, and you're instantly up and running. We handle the entire backend infrastructure, delivering out-of-the-box support for HTTPS Streamable, SSE, and OAuth2—zero messy routing required.
Claude AI
Open Claude Settings
Go to claude.ai, click your profile icon, then navigate to Customize → Connectors.
Add Custom Connector
Click the "+" button and select Add custom connector. Paste your Vinkius endpoint URL:
https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp
Replace [YOUR_TOKEN_HERE] with your token
from cloud.vinkius.com. For OAuth-protected servers, expand
Advanced settings to add credentials.
Start a conversation
Open a new chat. The Censys MCP for AI Agents integration is available immediately — no restart needed.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on each call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with Censys, then connect any of our 5,200+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 5,200+ others, all in one place
- Add new capabilities to your AI anytime you want
- Connections are secured and governed automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog weekly
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Censys. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS CLOUD
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on each call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
Censys MCP for AI Agents: Mapping Internet Attack Surface
Manually assessing an organization's attack surface is a nightmare. You have to run separate scans for IPs, check historical changes in port configurations, and then use different tools just to map out who owns the certificates. It’s copy-pasting IP ranges into one dashboard, running another scan for every single service banner, and spending hours trying to connect all those disparate data points.
With this MCP, your agent handles the whole picture. You ask it to investigate a target range, and it automatically gathers live host details, finds associated certificates, and maps out any infrastructure changes using tools like `view_host_diff`. The result is one cohesive intelligence report.
Censys MCP for AI Agents: Analyzing SSL/TLS Certificate Intelligence
Tracking certificates used by an entire fleet of servers requires multiple steps. You first have to search manually using criteria like expiration dates or issuers, then take the resulting certificate fingerprint and run it through a separate tool just to get the list of hosts that use it.
Now you can ask your agent once to find all certs issued by 'Let's Encrypt' expiring in the next 30 days. It automatically collects the details using `search_certificates` and then maps every single host using those credentials via `get_certificate_hosts`. The visibility is total.
What Censys MCP for AI Agents MCP does for your AI
This MCP gives your AI client access to deep network intelligence, allowing you to investigate what parts of the internet are visible to an attacker. Instead of manually checking dozens of dashboards or running multiple CLI commands, you can ask your agent to look at a target IP address and get all the data in one go—open ports, services running there, OS detection, and even who issued any associated certificates.
For example, if you suspect a misconfigured web server, you can use this MCP to search for hosts running specific services, like finding every machine using an Nginx banner across different countries. It's powerful data mapping. If you subscribe through Vinkius, your agent gets access to the entire catalog of specialized tools, making it easy to correlate host findings with certificate details or check historical changes over time.
It turns raw internet scan data into actionable intelligence for security teams.
019d8423-ccbd-70e6-b47d-f5bc2ae859d4 
How to set up Censys MCP for AI Agents MCP
The bottom line is that you get automated access to massive-scale network scan data without needing to run the complex queries yourself.
First, subscribe to this MCP and provide your Censys API ID and Secret credentials.
Next, direct your AI client to perform an inquiry—for instance, asking it to find all hosts running a specific service port in a certain region.
The tool returns structured data detailing the open ports, services, certificates, or historical records for the requested IP range.
Who uses Censys MCP for AI Agents MCP
Security researchers, threat hunters, and systems administrators rely on this MCP. If your job requires understanding what infrastructure is visible or exposed on the public internet, this tool saves hours of manual investigation.
Uses the MCP to discover unknown vulnerabilities, map an opponent's attack surface, and track certificate usage across multiple domains.
Monitors their organization’s external exposure by comparing current host data against baseline profiles to catch misconfigurations.
Tracks related infrastructure and identifies suspicious hosts or unusual certificate patterns that signal potential breaches.
Benefits of connecting Censys MCP for AI Agents MCP
Identify infrastructure changes: Use view_host_diff to instantly compare two hosts and pinpoint exactly what services or ports have been added or removed.
Deep dive on IPs: The get_host tool pulls everything—OS, open ports, banners, certificates—for a single IP in one request.
Certificate tracking: Never miss an expired credential. Use search_certificates to find all SSL/TLS certs issued by specific authorities or nearing expiration.
Historical view: Need to know if a host was compromised last month? Run get_host_history to see the full timeline of service changes for any IP.
Broad pattern analysis: Use aggregate_hosts to analyze large datasets, grouping results by country or ASN to understand global exposure trends.
Censys MCP for AI Agents MCP use cases
Checking a competitor's public footprint
A security researcher wants to know if a rival company is using any old certificates. They run search_certificates for specific issuers and then use get_certificate_hosts to find every domain attached to those credentials, mapping out the full infrastructure.
Monitoring internal network drift
A sysadmin runs a scan on two IPs: one from last year and one today. By using view_host_diff, they quickly see that three critical ports were opened unexpectedly, signaling a possible misconfiguration or breach.
Assessing general network risk
A threat hunter needs to gauge the global prevalence of a specific service. They use search_hosts for 'ftp' and then run aggregate_hosts by country, instantly creating a map showing which countries have the highest concentration of exposed FTP services.
Vetting a target system
A penetration tester gets an IP address. They use get_host to gather all foundational data—OS, ports, certificates—and then run get_account_info to ensure they have enough quota for the deep dive.
Censys MCP for AI Agents MCP tradeoffs
What to watch out for, and the recommended way to handle each one.
Assuming a simple IP lookup is enough
A user only runs basic port scans on an IP, assuming that's all the data they need to assess risk.
Don't stop at ports. Use get_host for comprehensive details and run get_certificate_hosts to find every domain associated with any found certificate.
Ignoring historical context
A team notices a suspicious port today but doesn't know if it was always there or if it's brand new.
Always use get_host_history to check the full timeline. This shows whether the service is a persistent feature or a recent, potentially unauthorized change.
Missing certificate correlation
A user finds a suspicious domain name but doesn't know which IPs are actually using its associated certificates.
Use search_certificates to find the cert details, then run get_certificate_hosts to map out every IP that is presenting that specific certificate.
When to use Censys MCP for AI Agents MCP
Use this MCP if your goal is mapping external network exposure or tracking infrastructure drift. You need visibility into what services and certificates are publicly visible across the internet, regardless of whether you own those assets. If you only need to check a single website for current uptime status, a standard HTTP ping tool works fine. But if you want to know every possible way that site is reachable—checking its history, every associated IP, or all related certificates—then this MCP is required. Don't use it just because you think an 'AI agent' can check things; use it because the data volume and complexity (like correlating hosts via get_certificate_hosts) requires this specialized intelligence.
Frequently asked questions about Censys MCP for AI Agents MCP
How can Censys MCP help me map my network's attack surface? +
It lets you search the entire internet for exposed services and ports without needing to be physically connected. You can use your agent to find every publicly visible credential or service running on a target IP.
Does Censys MCP track changes over time? +
Yes, it tracks host history. It shows you if an open port or a service banner was added recently, allowing you to detect potential misconfigurations that happened after the fact.
What kind of certificate information can I get with Censys MCP? +
You can find detailed data on certificates, including who issued them, when they expire, and critically, every single IP address or domain name using that specific certificate.
Is this better than running manual network scans? +
It's more comprehensive. It automates the correlation of data points—linking a port finding to its associated certificate and then tracking its history—in one workflow, saving massive amounts of time.
Can Censys MCP help me find similar infrastructure? +
Absolutely. You can compare two different IP addresses using the tool to spot differences in open services or OS types, which is helpful when auditing related systems.