Enterprise DNA
M MCP Servers Developer low

bx33661/Wireshark-MCP

by Various

Wireshark-MCP,Give your AI assistant a packet analyzer. Drop a .pcap file, ask questions in plain English — get answers backed by real tshark data.

B

MCP

bx33661/Wireshark-MCP

Added 1 June 2026

#ai-agents #mcp #network-security #packet-analysis #pcap #tshark #wireshark

Overview

Wireshark-MCP is a Python-based MCP server that lets AI assistants analyze network packet captures. It accepts .pcap files and answers plain-English questions by running tshark queries against the data.

Best for

Best for
Developers and security analysts who want to query packet captures through an AI assistant

Use cases

  • Ask an AI to explain suspicious traffic patterns in a .pcap file
  • Automate network forensics by feeding captures to an assistant
  • Query packet details without manually writing tshark commands

How to use

Install

pip install wireshark-mcp\nwireshark-mcp install

Tools exposed

  • tshark
  • capinfos
  • mergecap
  • editcap
  • dumpcap
  • text2pcap

Tested with

Claude Desktop, Claude Code, Cursor, VS Code

Notes

Wireshark-MCP is a Python-based MCP server that lets AI assistants analyze network packet captures. It accepts .pcap files and answers plain-English questions by running tshark queries against the data.

131 stars on GitHub. Last updated 2026-05-22. Licensed MIT.

Use cases

  • Ask an AI to explain suspicious traffic patterns in a .pcap file
  • Automate network forensics by feeding captures to an assistant
  • Query packet details without manually writing tshark commands

Pros

  • Bridges natural language questions with real tshark analysis
  • Lightweight Python server easy to integrate into MCP workflows
  • Open source with 131 stars and active community interest

Cons

  • Requires tshark installed separately on the host system
  • Limited to .pcap file input; no live capture support
  • Dependent on the AI assistant’s ability to interpret network data

Indexed from awesome-mcp-servers-punkpeye and enriched against its public facts.

Pros

  • Bridges natural language questions with real tshark analysis
  • Lightweight Python server easy to integrate into MCP workflows
  • Open source with 131 stars and active community interest

Cons

  • Requires tshark installed separately on the host system
  • Limited to .pcap file input; no live capture support
  • Dependent on the AI assistant's ability to interpret network data
Free 27-page guide

Get the free Developer’s Field Guide

A 27-page field guide to the AI coding workflow with Claude. Claude Code, MCP servers, the prompt patterns that work, and what to delegate. Free.

Enter your work email. We send it straight over, plus a few short notes worth knowing. Unsubscribe any time.

No spam. Unsubscribe any time.

Running a business, not writing the code? See the MCP servers picked for operators, and get your first one wired up with us.

Operator picks