#wireshark

Wireshark/tshark MCP server — capture live network traffic, analyze .pcap files, apply display filters, follow TCP/UDP streams, and export to JSON. Works with Claude Desktop, VS Code Copilot, and any MCP-compatible client.

Give your AI assistant a packet analyzer. Drop a .pcap file, ask questions in plain English — get answers backed by real tshark data.

NetForensicMCP V2.1 is a Model Context Protocol (MCP) server designed to empower Large Language Models (LLMs) with advanced offline network traffic analysis and threat intelligence capabilities. Built on top of Wireshark's tshark, NetForensicMCP provides comprehensive PCAP analysis tools for cybersecurity professionals, threat hunters, and network forensics investigators.

NetForensicMCP V2.1 is a Model Context Protocol (MCP) server designed to empower Large Language Models (LLMs) with advanced offline network traffic analysis and threat intelligence capabilities. Built on top of Wireshark's tshark, NetForensicMCP provides comprehensive PCAP analysis tools for cybersecurity professionals, threat hunters, and network forensics investigators.

A tshark MCP server for packet capture and analysis Features: Async: your agent can run a curl command and get the packets for it Flexible: You choose the capture and display filters Config: You can reuse the display and capture filters

TShark/Wireshark MCP server for network packet analysis via Claude

Wireshark Packet Analyzer with MCP Integration This project integrates the MCP (Message Communication Protocol) server with Wireshark to analyze and interact with network packets. The tool enables packet capture, analysis, and management using MCP while leveraging Wireshark's Lua scripting capabilities.