Is Mcp Wireshark safe to use?

Mcp Wireshark has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install Mcp Wireshark?

Mcp Wireshark supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Mcp Wireshark do?

Mcp Wireshark provides 10 tools: check_installation, list_interfaces, live_capture, read_pcap, display_filter and 5 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Mcp Wireshark?

Mcp Wireshark is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is Mcp Wireshark actively maintained?

Mcp Wireshark is actively maintained — last commit was 2 days ago. It has 39 GitHub stars.

Mcp Wireshark

Name: Mcp Wireshark
Author: khuynh22

mcp-wireshark · by khuynh22

An MCP server that integrates Wireshark/tshark with AI tools and IDEs. Capture live traffic, parse .pcap files, apply display filters, follow streams, and export JSON - all via Claude Desktop, VS Code, or CLI. Cross‑platform, typed, tested, and pip‑installable.

39 10 tools GitHub PyPI

No known CVEs

MIT license

Actively maintained

Last commit 2d ago

Works with most clients

Transport: stdio, http

10 tools · ~414 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "wireshark": {
      "command": "mcp-wireshark"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-wireshark)](https://mcppedia.org/s/mcp-wireshark)

Read me

What Mcp Wireshark does

Community-maintained. Not affiliated with Wireshark or Anthropic.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'mcp-wireshark' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

88/100across 5 weighted dimensions

How we score →

0255075100

−12

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked mcp-wireshark against OSV.dev.

Inventory

Tools (10)

Click any tool to inspect its schema.

~414 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Wireshark safe to use?: Mcp Wireshark has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Mcp Wireshark?: Mcp Wireshark supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Wireshark do?: Mcp Wireshark provides 10 tools: check_installation, list_interfaces, live_capture, read_pcap, display_filter and 5 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Wireshark?: Mcp Wireshark is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Mcp Wireshark actively maintained?: Mcp Wireshark is actively maintained — last commit was 2 days ago. It has 39 GitHub stars.

Similar servers

Others in security / developer-tools

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

MCP Security Weekly

Get CVE alerts and security updates for Mcp Wireshark and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "wireshark": {
      "command": "mcp-wireshark"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-wireshark)](https://mcppedia.org/s/mcp-wireshark)

Read me

What Mcp Wireshark does

Community-maintained. Not affiliated with Wireshark or Anthropic.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'mcp-wireshark' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

mcp-wireshark

Community-maintained MCP server for Wireshark / tshark. Not affiliated with Wireshark or Anthropic. Give your AI assistant direct access to packet captures. Ask Claude to summarize a .pcap, follow a TCP stream, filter for a specific protocol, or capture live traffic — all without leaving the chat.

Quick start with Claude Code

pip install mcp-wireshark
claude mcp add --transport stdio --scope user mcp-wireshark -- mcp-wireshark

That's it. Open Claude Code and try:

"Summarize ./capture.pcap and tell me which IPs talked the most."

--scope user makes the server available across every Claude Code project. Drop the flag to install it for the current project only. See claude mcp docs for more.

Verify the install

claude mcp list

You should see mcp-wireshark listed. Inside Claude Code, ask:

"Run check_installation."

If tshark is on your PATH, it returns the version. If not, see troubleshooting.

Tools

The server exposes 13 tools, split cleanly between read tools (safe, no side effects) and write tools (capture traffic or write files). Both groups are annotated with the standard MCP readOnlyHint so any compliant client can surface the distinction.

Read tools

Safe to call freely — they only inspect state.

Tool	What it does
`check_installation`	Verify tshark is installed and show version
`list_interfaces`	List network interfaces available to capture from
`read_pcap`	Read packets from a `.pcap` / `.pcapng` file (preview + total count)
`display_filter`	Apply a Wireshark display filter to a pcap
`summarize_pcap`	High-level summary: I/O stats, protocol hierarchy, top talkers
`stats_by_proto`	Protocol hierarchy statistics
`follow_tcp`	Reassemble a TCP stream and return its payload
`follow_udp`	Reassemble a UDP stream and return its payload
`expert_info`	tshark expert analysis: warnings, errors, and notes grouped by severity
`decode_protocol`	Extract protocol fields as a TSV table. Curated defaults for HTTP, DNS, TLS, GOOSE, MMS, SV, SIP, ICMP; arbitrary fields for any other protocol
`protocol_stats`	Aggregate `-z` reports (protocol hierarchy, conversations, endpoints, HTTP/DNS/SMB stats)

Write tools

These create files or capture live traffic. Compliant clients may prompt before invoking.

Tool	What it does
`live_capture`	Capture live traffic from an interface (capped at 5 minutes / 10k packets)
`export_json`	Export pac

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

88/100across 5 weighted dimensions

How we score →

0255075100

−12

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked mcp-wireshark against OSV.dev.

Inventory

Tools (10)

Click any tool to inspect its schema.

~414 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Wireshark safe to use?: Mcp Wireshark has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Mcp Wireshark?: Mcp Wireshark supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Wireshark do?: Mcp Wireshark provides 10 tools: check_installation, list_interfaces, live_capture, read_pcap, display_filter and 5 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Wireshark?: Mcp Wireshark is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Mcp Wireshark actively maintained?: Mcp Wireshark is actively maintained — last commit was 2 days ago. It has 39 GitHub stars.