# Directory Structure

```
├── bridge.py
├── capture_packet.lua
├── claude_desktop_config.json
├── diagram.png
├── LICENSE
├── README.md
└── Wireshark_MCP-demo.mp4
```

# Files

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------

```markdown
 1 | # Wireshark-MCP Integration Toolkit
 2 | <h1 align="center">
 3 |   <a href="https://github.com/shubham-s-pandey/WiresharkMCP"><img src="https://github.com/shubham-s-pandey/WiresharkMCP/blob/main/diagram.png" alt="logo" border="0"></a>
 4 | </h1>
 5 | 
 6 | ## Wireshark MCP Demo Video
 7 | 
 8 | You can view the demo video for Wireshark MCP here:
 9 | 
10 | [Wireshark MCP Demo Video](https://github.com/shubham-s-pandey/WiresharkMCP/blob/main/Wireshark_MCP-demo.mp4)
11 | 
12 | ## Overview
13 | A powerful integration between Wireshark and MCP (Model Context Protocol) that enables natural language interaction with network analysis through Claude Desktop.
14 | 
15 | ![Wireshark Integration](https://img.shields.io/badge/Wireshark-Integration-blue)
16 | ![MCP Protocol](https://img.shields.io/badge/MCP-Enabled-green)
17 | ![Python Lua](https://img.shields.io/badge/Python%20%7C%20Lua-Compatible-orange)
18 | 
19 | ## Components
20 | 
21 | ### Python MCP Server
22 | - Manages communication bridge between Wireshark and Claude
23 | - Provides CLI interface for packet analysis
24 | - Implements smart buffering and file management
25 | - Network interface discovery system
26 | 
27 | ### Lua Wireshark Extension
28 | - Real-time packet dissection and analysis
29 | - Custom protocol field definitions
30 | - Automated interface listing
31 | - Buffered packet logging system
32 | 
33 | ## Bugs and Feature Requests
34 | Please raise an issue if you encounter a bug or have a feature request. 
35 | 
36 | ## Contributing
37 | If you want to contribute to this project and make it better, your help is very welcome.
38 | 
```

--------------------------------------------------------------------------------
/claude_desktop_config.json:
--------------------------------------------------------------------------------

```json
 1 | {
 2 |   "mcpServers": {
 3 |     "wireshark_packet_analyzer": {
 4 |       "command": "python3",
 5 |       "args": [
 6 |         "C:\\Users\\Wireshark\\Desktop\\bridge.py"
 7 |       ]
 8 |     }
 9 |   }
10 | }
11 | 
```

--------------------------------------------------------------------------------
/bridge.py:
--------------------------------------------------------------------------------

```python
  1 | import logging
  2 | import os
  3 | import json
  4 | import time
  5 | from mcp.server.fastmcp import FastMCP
  6 | 
# Root logger runs at DEBUG. basicConfig() attaches a stderr handler by default,
# which keeps log lines off stdout; the server below is started with the stdio
# transport, so stdout is presumably reserved for protocol traffic.
# NOTE(review): DEBUG on the root logger also enables debug output from imported
# libraries -- confirm nothing sensitive is logged before shipping this level.
logging.basicConfig(level=logging.DEBUG)
logger = logging.getLogger(__name__)

# Server object that the @mcp.tool() decorators further down register against.
mcp = FastMCP("wireshark_packet_analyzer")

# Fixed file locations and display limit used by the helpers below.
# Both files sit in a user's Downloads directory and their content is returned to
# the MCP client as-is, so any process or download that can write these paths
# controls what the client (and the model behind it) reads.
# NOTE(review): presumably produced by capture_packet.lua -- confirm the writer.
CONFIG = dict(
    PACKET_FILE=r'C:\Users\Wireshark\Downloads\mcp_packet_details.txt',
    INTERFACES_FILE=r'C:\Users\Wireshark\Downloads\network_interfaces.txt',
    MAX_DISPLAY_PACKETS=100,
)
 17 | 
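def read_packet_summaries(num_packets=CONFIG['MAX_DISPLAY_PACKETS']):
    """
    Return the most recent packet summary lines from the capture log.

    Args:
        num_packets: Maximum number of trailing lines to return. The default is
            read from CONFIG['MAX_DISPLAY_PACKETS'] once, when the function is
            defined.

    Returns:
        The last ``num_packets`` lines joined into one string, or a
        human-readable status message when the file is missing, empty, older
        than one hour, or unreadable. Failures are reported as strings and
        never raised.

    Security note: the text returned here is whatever was written to the log
    file. NOTE(review): if that is derived from captured traffic, it is content
    chosen by remote senders and should be treated by the consumer as data, not
    as instructions -- confirm against the Lua writer.
    """
    from collections import deque

    try:
        if not os.path.exists(CONFIG['PACKET_FILE']):
            return "No packet capture file found. Start capturing packets in Wireshark."

        file_stats = os.stat(CONFIG['PACKET_FILE'])

        if file_stats.st_size == 0:
            return "Packet capture file is empty. Start capturing packets in Wireshark."

        # Files not modified within the last hour are treated as stale.
        if time.time() - file_stats.st_mtime > 3600:
            return "Packet capture file is outdated. Start a new capture in Wireshark."

        # errors='replace' keeps a single undecodable byte in the log from
        # turning the whole read into an error message.
        with open(CONFIG['PACKET_FILE'], 'r', errors='replace') as file:
            # Stream the file and keep only the tail, so memory use is bounded
            # by num_packets rather than by the size of the capture log.
            tail = deque(maxlen=max(0, num_packets))
            saw_line = False
            for line in file:
                saw_line = True
                tail.append(line)

        return ''.join(tail) if saw_line else "No packets captured yet."

    except Exception as e:
        logger.error(f"Error reading packet file: {e}")
        return f"Error reading packet file: {e}"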
 42 | 
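def get_network_interfaces():
    """
    Return the available network interfaces as newline-separated text.

    The interface list file at CONFIG['INTERFACES_FILE'] is used when it
    exists; otherwise the adapters are queried with ``wmic nic``.

    Returns:
        The stripped file content, or the non-empty ``wmic`` output rows with
        the header row dropped, or an error message string if anything fails.
        Failures are reported as strings and never raised.
    """
    try:
        if os.path.exists(CONFIG['INTERFACES_FILE']):
            with open(CONFIG['INTERFACES_FILE'], 'r') as f:
                # The file content is passed through without validation, so
                # whoever can write this path decides what the caller sees.
                return f.read().strip()

        import subprocess

        # No shell: the argument vector is fixed and uses no shell features, so
        # wmic is started directly instead of through the command interpreter.
        result = subprocess.run(
            ['wmic', 'nic', 'get', 'Name,NetConnectionStatus'],
            capture_output=True,
            text=True,
        )

        # First row is the column header; blank rows are dropped.
        rows = result.stdout.split('\n')[1:]
        return '\n'.join(row.strip() for row in rows if row.strip())

    except Exception as e:
        logger.error(f"Error retrieving network interfaces: {e}")
        return f"Error retrieving network interfaces: {e}"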
 70 | 
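def get_interface_details(interface_name):
    """
    Return the full ``wmic nic`` record for one network adapter.

    Args:
        interface_name: Adapter name matched against the ``Name`` property.
            It is supplied by the MCP client and is treated as untrusted.

    Returns:
        The stripped ``wmic`` output, a "No details found" message when the
        query fails or returns nothing, a rejection message when the name does
        not pass validation, or an error message string on any exception.
        Failures are reported as strings and never raised.
    """
    import re

    # Allowlist check before the name is placed inside the quoted WQL filter:
    # quotes, backslashes and control characters are refused so the value
    # cannot close the string literal or extend the query. Widen the character
    # set here if a legitimate adapter name is rejected.
    if not isinstance(interface_name, str) or not re.fullmatch(
        r"[\w ()\[\].#/+:,@-]{1,256}", interface_name
    ):
        return (
            "Invalid interface name: use letters, digits, spaces and "
            "()[]._#/+:,@- only (max 256 characters)."
        )

    try:
        import subprocess

        # No shell: the arguments go to wmic as a vector, so the command
        # interpreter never parses the caller-supplied name.
        result = subprocess.run(
            ['wmic', 'nic', 'where', f'Name="{interface_name}"', 'get', '*'],
            capture_output=True,
            text=True,
        )

        if result.returncode == 0 and result.stdout.strip():
            return result.stdout.strip()
        else:
            return f"No details found for interface: {interface_name}"

    except Exception as e:
        logger.error(f"Error retrieving interface details: {e}")
        return f"Error retrieving interface details: {e}"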
 93 | 
@mcp.tool()
async def list_interfaces() -> str:
    """
    MCP tool to list network interfaces
    """
    # Docstring left verbatim. NOTE(review): FastMCP is understood to publish a
    # tool's docstring to the client as its description -- confirm before
    # rewording it.
    logger.debug("Listing network interfaces")
    # Takes no caller input; the helper reports failures as message strings.
    interface_listing = get_network_interfaces()
    return interface_listing
101 | 
@mcp.tool()
async def get_packet_summary() -> str:
    """
    MCP tool to retrieve packet summaries
    """
    # Docstring left verbatim. NOTE(review): FastMCP is understood to publish a
    # tool's docstring to the client as its description -- confirm before
    # rewording it.
    logger.debug("Retrieving packet summaries")
    # Uses the helper's default line limit. The result is file content handed
    # to the client unchanged; the helper reports failures as message strings.
    summary_text = read_packet_summaries()
    return summary_text
109 | 
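@mcp.tool()
async def clear_packet_file() -> str:
    """
    MCP tool to clear the packet capture file
    """
    # Destructive tool: deletes the file at CONFIG['PACKET_FILE']. It takes no
    # arguments, so the caller cannot point the deletion at another path.
    # Returns a success message, or an error message string on failure.
    logger.debug("Clearing packet capture file")
    try:
        # Remove directly instead of checking existence first: the file can
        # disappear between a check and the delete.
        os.remove(CONFIG['PACKET_FILE'])
    except FileNotFoundError:
        # Nothing to delete; the file is already absent, which is the goal.
        pass
    except Exception as e:
        logger.error(f"Error clearing packet file: {e}")
        return f"Error clearing packet file: {e}"
    return "Packet capture file cleared successfully."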
122 | 
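@mcp.tool()
async def get_interface_details_tool(interface_name: str) -> str:
    """
    MCP tool to get detailed information about a specific interface
    """
    # interface_name comes from the MCP client and is untrusted. Logging it
    # with %r escapes newlines and control characters, so the value cannot
    # forge extra log lines.
    logger.debug("Retrieving details for interface: %r", interface_name)
    return get_interface_details(interface_name)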
130 | 
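# Main execution
if __name__ == "__main__":
    try:
        logger.info("Starting MCP server for Wireshark packet analysis")
        # Serve over stdio, matching the command/args launch entry in
        # claude_desktop_config.json.
        mcp.run(transport='stdio')
    except Exception:
        # logger.exception keeps the traceback, and the non-zero exit lets the
        # launching process see that the server failed instead of a clean stop.
        logger.exception("MCP server error")
        raise SystemExit(1)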
```