Updated April 2026
Install Wireshark MCP
Pick your client, copy the command, done.
1
Add it to Claude Code
Run this in a terminal.
claude mcp add wireshark-mcp-57e6 -- uvx wireshark-mcpAvailable Tools (2)
Once configured, Wireshark MCP gives your AI agent access to:
wireshark_extract_dns_queriesExtracts DNS queries from a pcap file.file_pathwireshark_check_threatsChecks captured network traffic against threat intelligence sources.file_pathTry It Out
After setup, try these prompts with your AI agent:
→Find all DNS queries going to suspicious domains in this capture.
→Analyze this pcap file and identify any potential security threats.
→Extract the protocol hierarchy from the provided network capture.
→Follow the HTTP stream in this packet capture and summarize the data.
Prerequisites & system requirements
- An MCP-compatible client (Claude Code, Cursor, Windsurf, Claude Desktop, or Codex)
- Python 3.8+ with pip installed
Alternative installation methods
uvx
uvx wireshark-mcpKeep this setup from going cold
Save the docs, env vars, and workflow around Wireshark MCP in Conare so Claude Code, Codex, and Cursor remember it next time.
Need the legacy visual installer? Open Conare IDE.