Research Methodology

How we collect and verify the vulnerability statistics shown on our homepage.

Current Research Summary

  • 207 Shodan queries
  • 97,013 hosts discovered
  • 11,100 hosts scanned
  • 14.4% vulnerability rate

Last updated: January 29, 2026

Overview

The statistics on our homepage represent real, verified vulnerabilities found through automated scanning of internet-exposed services. Every number we report comes from our own scanner; none of it is estimated or extrapolated.

Key principle: We only report what we can verify. If our scanner cannot confirm a vulnerability, we do not count it.

Our Process

1. Target Discovery via Shodan

We use the Shodan API with 207 different search queries to identify candidate IP addresses running AI agent infrastructure. We search for signatures across Python frameworks (Uvicorn, FastAPI, Django, Flask, Gunicorn), Node.js servers (Express, Koa, Next.js), Go/Java/Ruby/Rust frameworks, cloud platforms, and API patterns.

2. Verification with HackMyAgent Scanner

Each candidate IP is scanned using our HackMyAgent scanner with 25 concurrent connections. The scanner performs active checks for MCP endpoints, exposed configuration files, API keys, Clawdbot/Moltbot gateways, dangerous endpoints, and other vulnerabilities. Only findings confirmed by our scanner are counted.

3. Aggregation and Reporting

Verified findings are aggregated by vulnerability type. We calculate the vulnerability rate (vulnerable hosts / total scanned) and update our homepage with the results. All raw data is preserved for reproducibility.
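Step 3 in code, as an added example rather than the HackMyAgent scanner's own code: it groups verified findings by check id, counts distinct vulnerable hosts so that a host with several findings is counted once in the rate, and masks the host octet before anything is published. The finding records and addresses are constructed sample data.

```javascript
// Added example, not part of the HackMyAgent scanner. Aggregates verified
// findings (one record per confirmed check on a host) into the per-type
// breakdown and the host-level vulnerability rate reported on the homepage.

// Constructed sample findings (documentation-range addresses, not real hosts).
const SAMPLE_FINDINGS = [
  { host: "198.51.100.10", check: "outdated-api-endpoint" },
  { host: "198.51.100.10", check: "debug-mode-enabled" },
  { host: "198.51.100.11", check: "outdated-api-endpoint" },
  { host: "198.51.100.11", check: "claude-md-exposed" },
  { host: "198.51.100.12", check: "no-auth-mcp" },
  { host: "198.51.100.12", check: "mcp-tools-exposed" },
  { host: "198.51.100.12", check: "api-key-exposed" },
];

// Mask the last IPv4 octet so a public report never names a specific host.
function anonymizeIPv4(ip) {
  const parts = ip.split(".");
  if (parts.length !== 4) throw new Error(`not an IPv4 address: ${ip}`);
  return `${parts[0]}.${parts[1]}.${parts[2]}.x`;
}

function aggregate(findings, hostsScanned) {
  const byType = {};
  const vulnerableHosts = new Set();
  for (const f of findings) {
    byType[f.check] = (byType[f.check] || 0) + 1;
    vulnerableHosts.add(f.host); // a host with three findings is still one host
  }
  // Rate is vulnerable hosts / total scanned, as a percentage with one decimal.
  const rate = hostsScanned > 0 ? (vulnerableHosts.size / hostsScanned) * 100 : 0;
  // Breakdown sorted by count, most common check first, like the homepage table.
  const breakdown = Object.entries(byType).sort((a, b) => b[1] - a[1]);
  return {
    totalFindings: findings.length,
    vulnerableHosts: vulnerableHosts.size,
    hostsScanned,
    vulnerabilityRate: Math.round(rate * 10) / 10,
    breakdown,
    affectedNetworks: [...new Set([...vulnerableHosts].map(anonymizeIPv4))],
  };
}

console.log(JSON.stringify(aggregate(SAMPLE_FINDINGS, 20), null, 2));
```

Note that the finding total (7 here, 8,449 on the live data) is always larger than the vulnerable-host count, which is why the rate is computed over hosts.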

Shodan Query Categories

We use 207 queries across these categories to maximize coverage:

  • SSE Endpoints (5 queries): text/event-stream on ports 80, 443, 3000, 8000, 8080
  • Python Frameworks (35 queries): Uvicorn, FastAPI, Django, Flask, Gunicorn, Tornado, aiohttp
  • Node.js Servers (30 queries): Express, Koa, Hapi, Fastify, NestJS, Next.js, Nuxt
  • WebSocket/Real-time (15 queries): WebSocket upgrades, Socket.io, WS connections
  • API Patterns (25 queries): /api/v1, /api/v2, REST endpoints, GraphQL, OpenAPI
  • AI/ML Infrastructure (20 queries): LangChain, LlamaIndex, Hugging Face, model endpoints
  • Cloud Platforms (15 queries): AWS Lambda, GCP Run, Azure Functions, Vercel, Heroku
  • Debug/Admin Endpoints (20 queries): /debug, /admin, /health, /metrics, /status
  • Go/Java/Ruby/Rust (25 queries): Gin, Echo, Spring, Rails, Actix, Rocket
  • Database/Container UIs (17 queries): MongoDB Express, Redis Commander, Portainer, phpMyAdmin

Sample Shodan queries:

# SSE Endpoints
"text/event-stream" port:443
"text/event-stream" port:80
# Python Frameworks
"uvicorn" port:443
"fastapi" port:8000
"gunicorn" port:443
"django" port:8000
# Node.js
"X-Powered-By: Express" port:443
"next.js" port:3000
# API Patterns
http.html:"/api/v1" port:443
"graphql" port:443
# Debug Endpoints
"/debug" http.status:200
"/admin" http.status:200

Scanner Checks Performed

Our scanner performs 12 active security checks on each target:

  • mcp-sse-exposed (MCP SSE Endpoints): checks for exposed Server-Sent Events endpoints
  • mcp-tools-exposed (MCP Tools Listing): checks for exposed tool definitions
  • api-key-exposed (API Key Exposure): scans for leaked API keys in responses
  • config-file-exposed (Config Files): checks for exposed configuration files
  • claude-md-exposed (System Instructions): looks for exposed CLAUDE.md files
  • no-auth-mcp (Unauthenticated MCP): tests for MCP endpoints without auth
  • outdated-api-endpoint (Dangerous Endpoints): finds /debug, /execute, /shell endpoints
  • clawdbot-gateway-exposed (Clawdbot Gateway): checks port 18789 for gateway exposure
  • clawdbot-websocket-exposed (Clawdbot WebSocket): checks port 18790 for WebSocket control
  • outdated-version (Outdated Versions): detects outdated framework versions
  • debug-mode-enabled (Debug Mode): identifies debug mode left enabled
  • dir-listing-enabled (Directory Listing): checks for enabled directory listing
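To make the check ids above concrete, here is an added example (not the HackMyAgent scanner's rule set) that maps an already captured HTTP response to the checks it would trigger, so a service owner can see from their own responses which ids an external scan would raise. The markers, the `requestAuthenticated` flag and the sample responses are assumptions constructed for the example; it covers six of the twelve checks.

```javascript
// Added example, not the HackMyAgent scanner: classify a captured response
// into the check ids listed above. Headers are assumed lower-cased keys.
const AWS_KEY_RE = /\bAKIA[0-9A-Z]{16}\b/; // classic AWS access key id shape

function classify(resp) {
  const hits = [];
  const ctype = (resp.headers["content-type"] || "").toLowerCase();
  const body = resp.body || "";
  const ok = resp.status === 200;

  if (ok && ctype.startsWith("text/event-stream")) hits.push("mcp-sse-exposed");
  if (ok && /<title>Index of \//i.test(body)) hits.push("dir-listing-enabled");
  // Flask/Werkzeug and Django debug pages carry these strings.
  if (ok && /Werkzeug Debugger|DEBUG = True/.test(body)) hits.push("debug-mode-enabled");
  if (AWS_KEY_RE.test(body)) hits.push("api-key-exposed");
  if (ok && resp.path === "/CLAUDE.md" && /^#/m.test(body)) hits.push("claude-md-exposed");
  // A JSON-RPC tools/list answer served to a request that carried no credential.
  if (ok && !resp.requestAuthenticated && /"tools"\s*:\s*\[/.test(body)) {
    hits.push("mcp-tools-exposed");
    hits.push("no-auth-mcp");
  }
  return hits;
}

// Constructed sample responses (the AWS key is AWS's documented example key).
const SAMPLE_RESPONSES = [
  { path: "/sse", status: 200, headers: { "content-type": "text/event-stream" }, body: "event: endpoint\n" },
  { path: "/", status: 200, headers: { "content-type": "text/html" }, body: "<html><title>Index of /</title>" },
  { path: "/CLAUDE.md", status: 200, headers: { "content-type": "text/markdown" },
    body: "# Project rules\nAWS key: AKIAIOSFODNN7EXAMPLE\n" },
  { path: "/mcp", status: 401, headers: { "content-type": "application/json" },
    body: '{"error":"unauthorized"}', requestAuthenticated: false },
  { path: "/mcp", status: 200, headers: { "content-type": "application/json" },
    body: '{"jsonrpc":"2.0","result":{"tools":[{"name":"read_file"}]}}', requestAuthenticated: false },
];

for (const r of SAMPLE_RESPONSES) console.log(r.path, r.status, classify(r));
```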

Current Findings Breakdown

From 11,100 scanned hosts, we found 8,449 total vulnerabilities:

  • 5,042 Outdated API Endpoints
  • 1,190 Claude.md Exposed
  • 829 Outdated Versions
  • 645 MCP Tools Exposed
  • 289 Clawdbot Gateway
  • 272 Debug Mode Enabled
  • 58 Unauthenticated MCP
  • 54 Config Files Exposed
  • 32 API Keys Exposed
  • 22 Clawdbot WebSocket
  • 14 MCP SSE Exposed
  • 2 Directory Listing

Reproducibility

Our research methodology is documented here for transparency. The scanning approach uses standard security research techniques with publicly available tools.

# Requirements
- Shodan API key (Freelancer plan for 1000 results/query)
- Node.js 18+
# Scan parameters
- 207 Shodan queries across 10 categories
- 25 concurrent scan connections
- 6 second delay between Shodan API calls
- 5 second timeout per host scan

Ethical Considerations

  • We only scan publicly accessible services (no authentication bypass)
  • We do not exploit vulnerabilities or access private data
  • We anonymize IP addresses in public reports
  • We rate-limit scans to avoid impacting target services
  • Our goal is to help organizations identify and fix security issues

Full Research Report

For the full analysis including detailed vulnerability breakdowns and recommendations, read our published report on the OpenA2A blog.

Questions or Concerns?

If you have questions about our methodology or want to report an issue with our data, please contact us.