weirdmachine64

A swiss-knife MCP server for analysing PCAP files

100% credibility
Found Apr 28, 2026 at 12 stars.
Python
AI Summary

This project creates a bridge for AI language models to analyze network packet capture files using natural language commands powered by Wireshark's analysis engine.

How It Works

1. 📡 Discover the Helper

You hear about a handy tool that lets AI chat assistants analyze your network traffic recordings just by chatting.

2. 🛠️ Set It Up

You download and prepare the tool on your computer, making sure you have the network analyzer software installed.

3. 🤖 Connect to AI

You link the tool to your favorite AI chat so it can understand and use network analysis features.

4. 📁 Load Recording

You pick a network traffic file and give it a simple name to start exploring.

5. 🔍 Ask Questions

You chat with the AI to get summaries, find errors, see conversations, or follow streams in the traffic.

6. 💡 Get Insights

The AI shows you easy-to-read overviews, graphs, and details about what's happening in your network capture.

🎉 Understand Traffic

You quickly spot issues, patterns, and details in complex network data without needing deep expertise.

AI-Generated Review

What is SharkMCP?

SharkMCP is a Python swiss-knife MCP server for analysing PCAP and PCAPNG files via Wireshark's sharkd interface. Load captures into isolated sessions and query them through LLM tools like pcap_summary for overviews, list_packets for filtered lists, conversations for peer traffic, follow_stream for reassembled payloads, and export_objects for pulling files. It turns manual Wireshark dissection into natural-language analysis over MCP, with caching for fast follow-ups.

Why is it gaining traction?

SharkMCP stands out by wrapping sharkd's full tap library (protocol hierarchies, VoIP stats, expert errors, sequence diagrams) into paginated, cached MCP endpoints, avoiding full rescans. Developers like the escape-hatch tap tool for any custom sharkd query, plus autocomplete and preference tweaks, which make it a drop-in for AI agents without scripting boilerplate. At 12 stars, it's niche but appeals to network pros tired of tshark CLI hacks.

Who should use this?

Network security analysts debugging incidents via LLM chats on captures; SREs graphing traffic anomalies or extracting HTTP objects; protocol devs validating filters or VoIP streams in CI. Ideal for anyone building MCP-powered agents that need deep PCAP inspection without launching Wireshark.

Verdict

Try SharkMCP if you're in pcap-heavy workflows—solid docs and tool coverage make it usable now, despite 1.0% credibility and low maturity. Fork and contribute to push it beyond prototype.
