mcp-wireshark
Verified Safe
by khuynh22
Overview
Integrate Wireshark/tshark capabilities into AI tools and IDEs for network packet capture and analysis.
Installation
mcp-wireshark
Security Notes
The server implements robust input validation for file paths, preventing path traversal attacks and limiting allowed file extensions (.pcap, .pcapng, .cap). Display filter expressions are sanitized to prevent command injection (e.g., checking for semicolons, pipes, backticks). Resource limits for packet count (max 10,000) and capture duration (max 300 seconds) mitigate potential denial-of-service. Subprocess execution (`run_tshark`, `run_dumpcap`) uses argument lists directly, which is inherently safer than shell execution. Live packet capture is an inherently privileged operation, and the documentation clearly states that it requires elevated permissions on most systems.
Similar Servers
mcp-scanner
Scans Model Context Protocol (MCP) servers, tools, prompts, and resources for security vulnerabilities, employing static analysis, YARA rules, Cisco AI Defense API, and LLM-based behavioral analysis.
mcp-shark
Aggregate multiple Model Context Protocol (MCP) servers into a single unified interface with a powerful monitoring UI.
mcp-zap-server
Orchestrates OWASP ZAP security scanning actions (spider, active scan, OpenAPI import, reporting) via the Model Context Protocol, enabling AI agents like Claude Desktop or Cursor to perform security testing.
nettune
This server acts as an MCP (Model Context Protocol) stdio client wrapper for the 'nettune' TCP network optimization tool, enabling AI-assisted network diagnostics and configuration on Linux servers.