- Home
- MCP servers
- SharkMCP Server
SharkMCP Server
- typescript
22
GitHub Stars
typescript
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Installation
Add the following to your MCP client configuration file.
Configuration
View docs{
"mcpServers": {
"tuliperis-sharkmcp": {
"command": "node",
"args": [
"/path/to/SharkMCP/dist/index.js"
],
"env": {
"SSLKEYLOGFILE": "/path/to/sslkeylog.log"
}
}
}
}SharkMCP provides local network packet capture and analysis capabilities by integrating with tshark, enabling you to start a capture, perform actions, and analyze the results. It helps you debug network traffic, verify requests, and inspect packet data in a focused, repeatable way.
How to use
You interact with SharkMCP through an MCP client to manage capture sessions and analysis tasks. Start a capture session to record traffic, perform the actions you want to inspect, then stop the capture to analyze the results. You can filter what you capture, choose how you display results, and save configurations for reuse.
How to install
Prerequisites: you need a working Node.js environment and a local tshark installation.
Step 1: Install system dependencies for tshark/tshark access.
Step 2: Install Node.js (v18+).
Step 3: Install the project dependencies using your package manager.
Step 4: Build the SharkMCP project.
Step 5: Run the server with the runtime command.
Configuration
You can configure SharkMCP with a local client that runs the MCP server process. The example below shows how to define the local server in your MCP client configuration.
{
"mcpServers": {
"sharkmcp": {
"command": "node",
"args": ["/path/to/SharkMCP/dist/index.js"]
}
}
}
Security considerations
Packet capture requires appropriate system privileges and should be restricted to trusted environments. Be mindful of storing temporary capture files and the sensitivity of decrypted traffic.
Troubleshooting
Common issues include ensuring tshark is installed and accessible, verifying the capture interface and filters, and confirming you have sufficient permissions to access the network interfaces.
Development notes
The project is structured to separate the MCP protocol layer, tshark integration, and host system interactions. You can run development workflows to test capture sessions, analyze results, and verify configuration persistence.
Available tools
start_capture_session
Initiates a background packet capture with configurable interface, capture filters, and timeout.
stop_capture_session
Stops the active capture and analyzes the captured data, producing output in the selected format.
analyze_pcap_file
Analyzes an existing PCAP file and returns structured results according to the chosen output format.
manage_config
Saves, loads, and reuses capture/analysis configurations for quick repeatability.