Knostic’s research team conducted a systematic study to locate exposed MCP servers on the internet. Leveraging Shodan and custom Python tools, we fingerprinted and mapped production MCP servers. All servers we discovered were insecure and revealed their capabilities to anyone asking. In this series of posts, we are sharing our findings, along with a guide detailing how we fingerprinted MCP servers. We identified a total of 1,862 MCP servers exposed to the internet. From this set, we manually ver...