elkentaro / sharkbot

Public

AI assistant for wireshark

20
4
100% credibility
Found Apr 23, 2026 at 20 stars
AI Analysis
Python
AI Summary

SharkBot is a Wireshark companion that explains selected packets in plain language, suggests investigation steps and display filters, and optionally uses AI for deeper guidance.

How It Works

1. 🔍 Discover SharkBot

While puzzling over strange network traffic in Wireshark, you find SharkBot, a friendly helper that explains packets in everyday words.

2. 🛠️ Get it ready

You add a simple helper file to Wireshark and start a companion program on your computer, taking just a few minutes.

3. 📂 Open your traffic capture

Load your packet file into Wireshark and pick a confusing packet that needs explaining.

4. 🚀 Launch your assistant

Right-click the packet and choose SharkBot – a web page pops open showing the packet details and smart next steps.

5. Pick your thinking style

Quick tips: Use simple rules to get instant explanations and filters right away.

🧠 Smart AI: Add AI power for expert-level advice tailored to your packet.

6. 💡 Get helpful advice

Read plain explanations, copy suggested filters, and follow guided steps to narrow your view.

🏆 Solve the mystery

You understand the traffic, spot issues or confirm it's normal, and feel confident analyzing networks like a pro.

AI-Generated Review

What is sharkbot?

Sharkbot is a Python-based Wireshark companion that turns packet analysis into a guided chat: select a packet, right-click for SharkBot menu options, and a browser opens with packet context for AI explanations, display filter suggestions, and next steps. It solves the "stuck on a PCAP" problem for analysts by defaulting to rule-based logic but invoking AI (OpenAI, Anthropic, Gemini, or Ollama) on demand with "+AI" prompts, plus prebuilt playbooks for TCP issues, DNS probes, WiFi triage, and suspicious traffic—like a CISO assistant github tool or home assistant wireshark addon. Sessions persist for iterative narrowing, exporting chats as Markdown.

Why is it gaining traction?

It embeds seamlessly via Lua plugin into Wireshark's right-click menu, auto-opening browsers with context—no copy-paste hassles—while teaching Wireshark pivots like Follow Stream or Conversations over raw answers. Rule-based fallbacks keep it reliable without API keys, and playbooks bias guidance for real workflows, standing out from generic chatbots or solar assistant github clones. Devs dig the local Ollama support for offline use.

Who should use this?

SOC L1 analysts triaging alerts in PCAPs, network engineers debugging TCP slowness or WiFi deauths, junior pentesters learning protocol pivots—anyone Wireshark-ing suspicious traffic without deep expertise. Pairs well with motion assistant github for IoT captures or sharkboy discord bots for team shares.

Verdict

Worth a quick venv setup and Lua copy for frequent PCAP work—docs are thorough, playbooks practical despite 20 stars and 1.0% credibility score signaling early maturity. Test on your next Wireshark session; low risk, high upside for guided triage.
