SharkMCP

MIT License

Overview InspectNew Endpoints Schema Related Servers Reviews Score

analyze_pcap_file

Analyze local PCAP/PCAPNG files with configurable filters, output formats, and custom fields using Wireshark/tshark integration for network security insights.

Instructions

Analyze a local pcap/pcapng file. LLMs control all analysis parameters including filters, output formats, and custom fields. Can use saved configurations.

Input Schema

Name	Required	Description	Default
`configName`	No	Name of saved configuration to use for analysis parameters
`customFields`	No	Custom tshark field list (only used with outputFormat=fields)
`displayFilter`	No	Wireshark display filter for analysis (e.g., "tls.handshake.type == 1")
`filePath`	Yes	Path to the local .pcap or .pcapng file to analyze.
`outputFormat`	No	Output format: json (-T json), fields (custom -e), or text (default wireshark output)	text
`sslKeylogFile`	No	ABSOLUTE path to SSL keylog file for TLS decryption

Input Schema (JSON Schema)

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "additionalProperties": false,
  "properties": {
    "configName": {
      "description": "Name of saved configuration to use for analysis parameters",
      "type": "string"
    },
    "customFields": {
      "description": "Custom tshark field list (only used with outputFormat=fields)",
      "type": "string"
    },
    "displayFilter": {
      "description": "Wireshark display filter for analysis (e.g., \"tls.handshake.type == 1\")",
      "type": "string"
    },
    "filePath": {
      "description": "Path to the local .pcap or .pcapng file to analyze.",
      "type": "string"
    },
    "outputFormat": {
      "default": "text",
      "description": "Output format: json (-T json), fields (custom -e), or text (default wireshark output)",
      "enum": [
        "json",
        "fields",
        "text"
      ],
      "type": "string"
    },
    "sslKeylogFile": {
      "description": "ABSOLUTE path to SSL keylog file for TLS decryption",
      "type": "string"
    }
  },
  "required": [
    "filePath"
  ],
  "type": "object"
}

This server cannot be installed

Other Tools from SharkMCP

Related Tools

extract_credentials
@0xKoda/WireMCP
analyze_pcap
@0xKoda/WireMCP
run-nmap-scan
@imjdl/nmap-mcpserver
list-all-scans
@imjdl/nmap-mcpserver
nmapScan
@DMontgomery40/pentest-mcp
start_capture_session
@kriztalz/SharkMCP

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/kriztalz/SharkMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server