Is io.github.bx33661/wireshark-mcp safe to use?

io.github.bx33661/wireshark-mcp has 1 known CVE tracked by MCPpedia. You can verify these on OSV.dev by searching for "wireshark-mcp". Review the Security section above for details before installing.

How do I install io.github.bx33661/wireshark-mcp?

io.github.bx33661/wireshark-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can io.github.bx33661/wireshark-mcp do?

io.github.bx33661/wireshark-mcp provides 2 tools: wireshark_extract_dns_queries, wireshark_check_threats. See the full tools list on the server page for descriptions and parameters.

What AI clients work with io.github.bx33661/wireshark-mcp?

io.github.bx33661/wireshark-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is io.github.bx33661/wireshark-mcp actively maintained?

io.github.bx33661/wireshark-mcp is actively maintained — last commit was 6 days ago. It has 124 GitHub stars.

io.github.bx33661/wireshark-mcp

wireshark-mcp

Professional network analysis with tshark. Security audits, deep-dives, and threat detection.

124 2 tools GitHub PyPI

1 open CVE

No license

Actively maintained

Last commit 6d ago

Works with most clients

Transport: stdio, sse, http

2 tools · ~100 tok

Grade A · 0.1% of 200K ctx

Edit this pageView history

Security DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-bx33661-wireshark-mcp": {
      "args": [
        "wireshark-mcp"
      ],
      "command": "uvx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-bx33661-wireshark-mcp)](https://mcppedia.org/s/io-github-bx33661-wireshark-mcp)

Read me

What io.github.bx33661/wireshark-mcp does

Drop a .pcap file, ask questions in plain English — get answers backed by real tshark data.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'wireshark-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

90/100across 5 weighted dimensions

How we score →

0255075100

−10

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 open

CVE-2026-43901lowCVSS 3.1

wireshark-mcp vulnerable to arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configured

## Description ### Impact `wireshark-mcp` exposes a `wireshark_export_objects` MCP tool that accepts an attacker-controlled `dest_dir` parameter and passes it to tshark's `--export-objects` flag with **no mandatory path restriction**. The path sandbox (`_allowed_dirs`) is `None` by default and only activates when the environment variable `WIRESHARK_MCP_ALLOWED_DIRS` is explicitly set. In a default installation, any directory on the filesystem can be used as the export destination. **Affected

Affected: >= 0source →

Inventory

Tools (2)

Click any tool to inspect its schema.

~100 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.bx33661/wireshark-mcp safe to use?: io.github.bx33661/wireshark-mcp has 1 known CVE tracked by MCPpedia. You can verify these on OSV.dev by searching for "wireshark-mcp". Review the Security section above for details before installing.
How do I install io.github.bx33661/wireshark-mcp?: io.github.bx33661/wireshark-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can io.github.bx33661/wireshark-mcp do?: io.github.bx33661/wireshark-mcp provides 2 tools: wireshark_extract_dns_queries, wireshark_check_threats. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.bx33661/wireshark-mcp?: io.github.bx33661/wireshark-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is io.github.bx33661/wireshark-mcp actively maintained?: io.github.bx33661/wireshark-mcp is actively maintained — last commit was 6 days ago. It has 124 GitHub stars.

Similar servers

Others in security / devops

View all →

Mcp Gitlab96

MCP server for using the GitLab API

1.6k 12

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

8.9k 3

MCP Security Weekly

Get CVE alerts and security updates for io.github.bx33661/wireshark-mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-bx33661-wireshark-mcp": {
      "args": [
        "wireshark-mcp"
      ],
      "command": "uvx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-bx33661-wireshark-mcp)](https://mcppedia.org/s/io-github-bx33661-wireshark-mcp)

Read me

What io.github.bx33661/wireshark-mcp does

Drop a .pcap file, ask questions in plain English — get answers backed by real tshark data.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'wireshark-mcp' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

Wireshark MCP

Give your AI assistant a packet analyzer.

Drop a .pcap file, ask questions in plain English — get answers backed by real tshark data.

English • 中文 • Changelog • Contributing

What is this?

An MCP server that wraps tshark (and optional Wireshark suite tools) into a structured analysis interface. Works with Claude Desktop, Claude Code, Cursor, VS Code, and 18+ other MCP clients.

You:    "Find all DNS queries going to suspicious domains in this capture."
Claude: [calls wireshark_extract_dns_queries → wireshark_check_threats]
        "Found 3 queries to domains flagged by URLhaus: ..."

Install

Prerequisites: Python 3.10+ and Wireshark with tshark on PATH.

pip install wireshark-mcp
wireshark-mcp install   # auto-configures all detected MCP clients

Restart your AI client — done.

Run wireshark-mcp doctor if anything looks off. See docs/manual-configuration.md for manual setup or platform-specific notes.

Quick Start

Point your AI client at a .pcap file and try:

Analyze capture.pcap using the Wireshark MCP tools.
Start with wireshark_open_file, then run wireshark_security_audit.
Write findings to report.md.

Tools

40+ tools organized into categories:

Category	Highlights	Count
Agentic Workflows	`wireshark_security_audit`, `wireshark_quick_analysis`, `wireshark_open_file`	4
Packet Analysis	Packet list, details, bytes, context, stream follow, search	7
Data Extraction	HTTP requests, DNS queries, TLS handshakes, field extraction	6
Statistics	Protocol hierarchy, endpoints, conversations, I/O graph, expert info	6
Security	Threat intel, credential scan, port scan, DNS tunnel, DoS detection	6
Protocol Deep Dive	TCP health, ARP spoofing, SMTP, DHCP	5
File Ops & Capture	Live capture, merge, filter-save, file info	5
Suite Utilities	editcap trim/split/dedup, text2pcap import	5
Decode & Visualize	Payload decode, traffic plot, protocol tree	3

The server starts with only tshark required. Optional tools (capinfos, mergecap, editcap, dumpcap, text2pcap) are auto-detected and enable extra features when present.

Documentation

Topic	Link
Platform setup (macOS/Linux/Windows)	docs/platform-validation.md
Manual client configuration	docs/manual-configuration.md
Promp

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

90/100across 5 weighted dimensions

How we score →

0255075100

−10

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 open

CVE-2026-43901lowCVSS 3.1

wireshark-mcp vulnerable to arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configured

Affected: >= 0source →

Inventory

Tools (2)

Click any tool to inspect its schema.

~100 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.bx33661/wireshark-mcp safe to use?: io.github.bx33661/wireshark-mcp has 1 known CVE tracked by MCPpedia. You can verify these on OSV.dev by searching for "wireshark-mcp". Review the Security section above for details before installing.
How do I install io.github.bx33661/wireshark-mcp?: io.github.bx33661/wireshark-mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can io.github.bx33661/wireshark-mcp do?: io.github.bx33661/wireshark-mcp provides 2 tools: wireshark_extract_dns_queries, wireshark_check_threats. See the full tools list on the server page for descriptions and parameters.
What AI clients work with io.github.bx33661/wireshark-mcp?: io.github.bx33661/wireshark-mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is io.github.bx33661/wireshark-mcp actively maintained?: io.github.bx33661/wireshark-mcp is actively maintained — last commit was 6 days ago. It has 124 GitHub stars.