What is MCP?
The Model Context Protocol (MCP) is an open standard that allows AI-powered tools to connect to external data sources. With ReconX's MCP server, you can search breach databases directly from your AI coding assistant — no context switching, no manual API calls.
Ask your AI assistant things like "search for leaked credentials from company.com" and it will query ReconX and return results inline.
Requirements
- A ReconX account with an active subscription
- An API token (create one at Account > API)
- An MCP-compatible AI tool (see supported clients below)
MCP Server URL
https://mcp.reconx.io/mcpAuthentication uses the same Bearer token as the REST API:
Authorization: Bearer YOUR_API_TOKENClient Configuration
Add the ReconX MCP server to your preferred AI tool. Each tool has its own configuration format.
Cursor
Open Settings > MCP and add a new server, or edit .cursor/mcp.json in your project root:
{
"mcpServers": {
"reconx": {
"url": "https://mcp.reconx.io/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_TOKEN"
}
}
}
}Claude Code
Run the following command in your terminal:
claude mcp add reconx \
--transport http \
--url https://mcp.reconx.io/mcp \
--header "Authorization: Bearer YOUR_API_TOKEN"Claude Desktop
Edit your Claude Desktop config file:
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json
{
"mcpServers": {
"reconx": {
"url": "https://mcp.reconx.io/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_TOKEN"
}
}
}
}VS Code (Copilot)
Add to your VS Code settings.json or .vscode/mcp.json:
{
"mcp": {
"servers": {
"reconx": {
"url": "https://mcp.reconx.io/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_TOKEN"
}
}
}
}
}Windsurf
Open Windsurf Settings > MCP and add:
{
"mcpServers": {
"reconx": {
"serverUrl": "https://mcp.reconx.io/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_TOKEN"
}
}
}
}Cline (VS Code Extension)
Open the Cline sidebar, go to MCP Servers, click "Add MCP Server", then select "Remote Server (SSE/Streamable HTTP)":
Server URL: https://mcp.reconx.io/mcp
Header: Authorization: Bearer YOUR_API_TOKENJetBrains IDEs (IntelliJ, WebStorm, etc.)
Go to Settings > Tools > AI Assistant > MCP Servers and add a new HTTP server:
{
"mcpServers": {
"reconx": {
"url": "https://mcp.reconx.io/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_TOKEN"
}
}
}
}Available Tools
Once connected, your AI assistant gains access to 5 specialized tools:
| Tool | Description |
|---|---|
| search | Search breach and leak databases. Returns file metadata, source info, and extracted data counts. Supports filtering by field type, date range, file type, and data sources. |
| search-filters | Get available search filters — searchable fields, MIME types, and filter flags. |
| search-sources | List available data sources with document counts and accessibility based on your plan. |
| search-stats | Get aggregated statistics for a search query (result counts, date distributions, etc.). |
| search-health | Check the ReconX search service health status. |
Search Tool Parameters
The search tool accepts these parameters:
| Parameter | Required | Description |
|---|---|---|
query |
Yes | Search query — email, domain, IP, phone, hash, URL, or free text |
field |
No | Specific field to search in (e.g., extracted_data.emails). Auto-detected if omitted. |
page |
No | Page number for pagination (default: 1) |
per_page |
No | Results per page, 1-100 (default: 20) |
sort |
No | Sort order as field:(asc|desc) (default: _score:desc) |
date_from |
No | Filter from date (YYYY-MM-DD) |
date_to |
No | Filter until date (YYYY-MM-DD) |
file_type |
No | Filter by file extension (txt, csv, sql, json) |
sources |
No | Comma-separated data source index names. Omit to search all accessible sources. |
Usage Examples
You don't need to know the exact tool parameters — just describe what you need in natural language. Here are some examples of what you can ask your AI assistant:
- "Search for leaked credentials from company.com" — searches for the domain across all breach sources
- "Find any breaches containing [email protected] from the last 6 months" — date-filtered email search
- "Check if 192.168.1.100 appears in any stealer logs" — IP search with source filter
- "Show me what data sources are available" — lists data sources and their document counts
- "Get statistics for @company.com breaches" — aggregated stats for the domain
- "Is the ReconX search service healthy?" — runs a health check
- "Search for leaked passwords containing admin in CSV files" — free text search filtered by file type
Quota Information
MCP searches share the same quota pool as web searches and API requests. Each search via MCP consumes one search credit from your subscription plan. There is no separate MCP quota — your usage across web, API, and MCP is combined.
To check your remaining quota, ask your AI assistant: "What's my remaining ReconX quota?" — the assistant can use the API to check your subscription status.
Troubleshooting
Authentication failed
- Verify your API token is correct and not revoked
- Make sure the Authorization header format is exactly:
Bearer YOUR_TOKEN - Create a new token at Account > API if needed
Tool not appearing
- Restart your AI tool after adding the MCP configuration
- Check the MCP server URL is exactly:
https://mcp.reconx.io/mcp - Verify your configuration JSON syntax is valid
Quota exceeded
- MCP, web, and API share the same search quota
- Check your usage at Account > Subscription
- Upgrade your plan for higher limits