New Release: mcp-wireshark - Wireshark for the AI Era!
I'm excited to announce the initial release of mcp-wireshark, a Python-based Model Context Protocol (MCP) server that seamlessly integrates Wireshark/tshark with modern AI tools (like Claude Desktop) and IDEs (like VS Code)!
This project turns powerful network analysis into an accessible, programmatic tool for developers, security researchers, and network engineers.
What is mcp-wireshark?
It's a cross-platform, typed, and testable server that lets you execute core Wireshark/tshark functions right from your favorite AI-powered client or IDE.
Key Features
- Live Capture & PCAP Analysis: Capture live traffic or parse existing .pcap/.pcapng files.
- Display Filters: Apply powerful Wireshark display filters programmatically.
- Follow TCP Streams: Extract and analyze specific TCP stream payloads.
- Protocol Statistics: Generate detailed protocol statistics on the fly.
- JSON Export: Export packet data to JSON format for easy analysis and integration.
- Cross-Platform: Works on macOS, Linux, and Windows.
Installation is Quick!
Requires Python 3.10+ and Wireshark/tshark installed on your system.
pip install mcp-wireshark
Usage Examples
You can use it via the CLI, or integrate it into Claude Desktop and VS Code via their respective MCP configuration files.
Example: Read 50 Packets from a PCAP
You can prompt your AI tool to use the built-in read_pcap tool:
Read the first 50 packets from 'network_log.pcap'
Example: Capture Live Traffic
You can use the live_capture tool:
Capture packets from eth0 for 60 seconds with filter "tcp.port == 80"
Helpful Links
GitHub Repository: https://github.com/khuynh22/mcp-wireshark
PyPI: https://pypi.org/project/mcp-wireshark/
Give it a try and let me know what you think! All feedback, bug reports, and contributions are welcome. If you find it helpful, please leave a star.