SecurityTrails MCP. Map an Organization's Entire Digital History
SecurityTrails MCP connects deep domain and IP intelligence into your AI agent. Instantly map an organization's entire digital footprint by accessing historical DNS records, enumerating hidden subdomains, checking WHOIS ownership changes, and running advanced threat queries against the world's largest database of network data.
Claude 
ChatGPT 
Cursor 
Gemini 
Windsurf 
VS Code 
JetBrains 
Vercel Give Claude and any AI agent real-world access
Automatically discovers all active and inactive subdomains linked to a target domain.
Retrieves past DNS records (A, MX, NS, TXT) to map out how an organization's infrastructure has changed over time.
Finds all domains that share the same IP address, helping locate hidden virtual hosts or related assets.
Accesses current and historical WHOIS data to track domain ownership changes and identify potential malicious actors.
Uses a specific Domain Specific Language (DSL) to query the entire internet for niche tech stacks or vulnerable infrastructure patterns.
Ask an AI about this
Waiting for input…
What AI agents can do with SecurityTrails MCP with 10 Tools
These tools let you perform deep intelligence queries, covering everything from current domain registration to historical IP usage.
Make your AI actually useful.
Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.
Start using SecurityTrails MCPGet Api Usage
Checks how much of your SecurityTrails API quota you've used for the day.
Get Domain Tags
Provides classification tags that categorize the purpose and type of a specific...
Get Dns History
Retrieves historical DNS records for a domain, useful for seeing old IPs or tracking...
Get Subdomains
Discovers all subdomains for a given domain, regardless of whether they are...
Get Whois
Gets the current registration and ownership information (WHOIS) for any specified...
Search Dsl
Runs highly advanced, targeted queries across the entire internet using the full SecurityTrails Domain Specific Language syntax.
Get Domains By Ip
Lists all domains that have been pointed to a single IP address, identifying shared hosting environments.
Get Domain Details
Gathers complete current domain intelligence, including DNS records and core...
Get Associated Domains
Finds other domains that are strongly linked to a primary target domain, expanding...
Get Whois History
Retrieves historical WHOIS records for a domain, useful for tracking owners before...
Security and governance baked right in.
Pick your AI client below to get set up. Just create a Vinkius account, subscribe, and you're instantly up and running. We handle the entire backend infrastructure, delivering out-of-the-box support for HTTPS Streamable, SSE, and OAuth2—zero messy routing required.
Claude AI
Open Claude Settings
Go to claude.ai, click your profile icon, then navigate to Customize → Connectors.
Add Custom Connector
Click the "+" button and select Add custom connector. Paste your Vinkius endpoint URL:
https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp
Replace [YOUR_TOKEN_HERE] with your token
from cloud.vinkius.com. For OAuth-protected servers, expand
Advanced settings to add credentials.
Start a conversation
Open a new chat. The SecurityTrails integration is available immediately — no restart needed.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on each call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with SecurityTrails, then connect any of our 5,200+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 5,200+ others, all in one place
- Add new capabilities to your AI anytime you want
- Connections are secured and governed automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog weekly
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by SecurityTrails. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS CLOUD
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on each call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
The Pain of Manual Digital Forensics
Right now, mapping an organization's infrastructure is a tedious crawl through multiple interfaces. You check the main site, then jump to a separate WHOIS page for ownership details. Then you have to run a subdomain brute-forcer, and if that fails, you try looking up historical DNS records on another service. It’s copy-pasting between three or four different tabs just to get one coherent picture.
With this MCP, your agent handles all those jumps. You tell it the target, and it orchestrates checks for current details, past ownership, associated domains, and deep subdomains—all in a single conversation thread. You get the full intelligence map without leaving your chat.
SecurityTrails MCP: Comprehensive Domain Intelligence
Before this MCP, tracking domain ownership meant relying on basic WHOIS lookups that often failed or were outdated. Tracking infrastructure changes required manual checks of historical DNS logs, which few services provided in a unified format.
Now, you can ask for the full picture: who owned it, what IPs did it use years ago, and every single domain linked to it—all instantly available through your AI agent.
What SecurityTrails MCP does for your AI
You can use this MCP to treat any target domain like a live intelligence feed. Instead of spending hours clicking through separate databases for IP history, you ask your agent to find connections between domains, IPs, and people. It pulls together historical DNS records—the kind that show where an organization was five years ago but has since abandoned.
You can expand the scope of any investigation by finding other domains associated with a primary target or look up every domain hosted on a specific IP address. These capabilities let you track infrastructure migration, unmask forgotten assets, and identify potential brand squatters before they cause trouble. Connecting this MCP through Vinkius allows your agent to perform these complex OSINT tasks without needing specialized terminal commands.
You simply ask the question, and it gives you the historical data required for bug bounty hunting or threat intelligence.
019d847b-e7b9-700b-938e-d6bdc7e4a90b 
How to set up SecurityTrails MCP
The bottom line is that you get deep, actionable domain intelligence without ever leaving your primary chat interface.
Subscribe to this MCP and sign up at SecurityTrails to get your API key.
Connect your agent by providing the necessary credentials via Vinkius. Your AI client handles all authentication.
Ask your agent a specific question, like 'What historical records point to example.com?' The MCP executes the query and returns structured data.
Who uses SecurityTrails MCP
This connector serves security researchers, pentesting teams, and threat intelligence analysts. If your job involves mapping an organization's attack surface or tracking down hidden digital assets, this MCP is a necessity. It solves the pain of manually cross-referencing decades of domain records across multiple tools.
Uses the MCP to quickly enumerate all subdomains and find forgotten endpoints associated with a target company.
Runs advanced queries using the DSL to locate out-of-scope assets or older, less protected infrastructure related to client targets.
Correlates WHOIS history with DNS records and IP lookups to build timelines of Advanced Persistent Threat (APT) group activity.
Benefits of connecting SecurityTrails MCP
Discover hidden assets: Instead of just checking the main site, use get_subdomains to map every associated subdomain and find overlooked attack vectors.
Track infrastructure changes: Use get_dns_history to see where a domain pointed five years ago. This reveals abandoned services or legacy systems that are still vulnerable.
Scope expansion: When you find one target, use get_associated_domains to automatically pull in every related corporate site without manual research.
Identify shared risks: Run get_domains_by_ip on a suspicious IP address. This shows every other domain that shares it, flagging potential cross-site compromises.
Deep intelligence gathering: Use the advanced search_dsl tool to query for specific tech stacks (e.g., 'all domains using Nginx and hosted in Germany').
Ownership tracking: The combination of get_whois and get_whois_history allows you to build a timeline of who controlled a domain over decades.
SecurityTrails MCP use cases
Finding old forgotten systems after a company merger
A threat analyst needs to know if the merged company retained any legacy infrastructure. They query get_dns_history for the original domain, and the MCP reveals A records pointing to an IP address that hasn't been active in years, flagging it as a potential data leak source.
Mapping out a competitor’s entire web presence
A bug bounty hunter starts with one domain. They immediately run get_subdomains and then get_associated_domains. The agent returns hundreds of subdomains, allowing them to test the full breadth of the competitor's digital assets.
Investigating a suspicious IP for related criminal activity
A researcher gets an unknown IP. They use get_domains_by_ip and find four unrelated domains all pointing to it. This suggests shared hosting, allowing them to focus their investigation on the likely primary owner.
Tracing a domain back through multiple hands
A brand protection team suspects typosquatting. They use get_whois and then get_whois_history to trace ownership changes, determining when the malicious actor first registered the related domain.
SecurityTrails MCP tradeoffs
What to watch out for, and the recommended way to handle each one.
Thinking only of current records
Running a simple WHOIS check on example.com and assuming all information is accurate because it's today’s date.
Always pair get_whois with get_whois_history. This shows the true lineage, revealing owners and details that were private or changed years ago.
Only checking primary domains
Manually listing all subdomains for a target company because they are easy to guess.
Use get_subdomains first. This automates the enumeration process, finding inactive or obscure subdomains you would otherwise miss.
Using general search tools
Searching generic web logs for an IP address, which gives thousands of irrelevant results.
Run get_domains_by_ip to get a curated list of only the domains known to point to that specific IP. This cuts the noise instantly.
When to use SecurityTrails MCP
Use this MCP if your investigation relies on time, association, or scope depth. You need to know what was there, not just what's live right now. If you only care about today’s publicly visible DNS records, other simple lookups will suffice. However, if you suspect historical data—like finding an old IP address from 2018 that the company hasn't decommissioned yet—this MCP is required because it accesses get_dns_history and get_whois_history. Don't use this if your goal is simply generating a list of current, active websites. This tool specializes in intelligence gathering by cross-referencing historical records with modern domain structures.
Frequently asked questions about SecurityTrails MCP
What is the difference between `get_subdomains` and `get_associated_domains` using SecurityTrails MCP? +
get_subdomains finds all variations attached to a single domain (like 'staging.example.com'). get_associated_domains, however, finds entirely separate domains that are strongly linked to the primary target company.
Can I use SecurityTrails MCP to find out who owned a domain in 2015? +
Yes. You must use get_whois_history or get_dns_history. These tools retrieve historical records, bypassing modern privacy protections that hide old ownership data.
Does SecurityTrails MCP only work for major corporate websites? +
No. It handles anything from large corporations to small personal sites, allowing you to run advanced searches using the search_dsl tool on any domain or IP range.
How do I check if a domain is part of a larger network? +
Run get_domains_by_ip. This tool lists every known domain that shares an IP address, which is critical for identifying shared hosting or hidden virtual machines.
Is SecurityTrails MCP better than standard DNS lookup tools? +
Yes. Standard lookups only give you the current record. This MCP provides historical depth and cross-referencing capabilities that connect ownership, IP usage, and domain names over time.
Is the SecurityTrails API free to use? +
SecurityTrails offers a Free Tier API plan which allows 50 API requests per month. This is excellent for specific, targeted OSINT investigations. For automated or large-scale recon, you would need a commercial subscription.
What is historical DNS good for? +
Companies often migrate infrastructure and hide behind WAFs like Cloudflare. Historical DNS reveals the original origin IP addresses used before the WAF was implemented, which might still be active and vulnerable to direct attacks. It's a critical tool in penetration testing.
How can I find related domains for a target company? +
Use the get_associated_domains tool. It uses proprietary correlation to find other domains owned by the same entity. You can also use get_domains_by_ip to find what else is hosted on their IP space.