bx33661/Wireshark-MCP
by Various
Wireshark-MCP,Give your AI assistant a packet analyzer. Drop a .pcap file, ask questions in plain English — get answers backed by real tshark data.
MCP
bx33661/Wireshark-MCP
Added 1 June 2026
Overview
Wireshark-MCP is a Python-based MCP server that lets AI assistants analyze network packet captures. It accepts .pcap files and answers plain-English questions by running tshark queries against the data.
Best for
Best for
Developers and security analysts who want to query packet captures through an AI assistant
Use cases
- Ask an AI to explain suspicious traffic patterns in a .pcap file
- Automate network forensics by feeding captures to an assistant
- Query packet details without manually writing tshark commands
How to use
Install
pip install wireshark-mcp\nwireshark-mcp install Tools exposed
tsharkcapinfosmergecapeditcapdumpcaptext2pcap
Tested with
Claude Desktop, Claude Code, Cursor, VS Code
Notes
Wireshark-MCP is a Python-based MCP server that lets AI assistants analyze network packet captures. It accepts .pcap files and answers plain-English questions by running tshark queries against the data.
131 stars on GitHub. Last updated 2026-05-22. Licensed MIT.
Use cases
- Ask an AI to explain suspicious traffic patterns in a .pcap file
- Automate network forensics by feeding captures to an assistant
- Query packet details without manually writing tshark commands
Pros
- Bridges natural language questions with real tshark analysis
- Lightweight Python server easy to integrate into MCP workflows
- Open source with 131 stars and active community interest
Cons
- Requires tshark installed separately on the host system
- Limited to .pcap file input; no live capture support
- Dependent on the AI assistant’s ability to interpret network data
Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.
Pros
- Bridges natural language questions with real tshark analysis
- Lightweight Python server easy to integrate into MCP workflows
- Open source with 131 stars and active community interest
Cons
- Requires tshark installed separately on the host system
- Limited to .pcap file input; no live capture support
- Dependent on the AI assistant's ability to interpret network data
Pairs with
Other entries in the index that connect to this one. Click through to see the chain.
Claude Code
Anthropic
Anthropic's terminal-native coding agent. Reads your repo, edits files, runs tests, ships PRs.
Cline
Cline
Open-source autonomous coding agent that lives inside VS Code. BYO model key, watch it work.
Continue
Continue.dev
Open-source AI code assistant for VS Code and JetBrains. Customisable, BYO model, built for enterprise.
Get the free Developer’s Field Guide
A 27-page field guide to the AI coding workflow with Claude. Claude Code, MCP servers, the prompt patterns that work, and what to delegate. Free.
Enter your work email. We send it straight over, plus a few short notes worth knowing. Unsubscribe any time.