mcpcap Documentation
A modular Python MCP (Model Context Protocol) Server for analyzing PCAP files. mcpcap provides stateless analysis tools that accept local files or remote URLs as parameters, making it perfect for Claude Desktop and other MCP client integration.
Features
✅ Stateless MCP Tools: Each analysis tool accepts PCAP file paths or URLs as parameters
✅ Protocol Support: DNS, DHCP, and ICMP analysis with easy extensibility for new protocols
✅ Local & Remote Files: Analyze files from local storage or HTTP URLs
✅ Specialized Prompts: Security, networking, and forensic analysis guidance
✅ Robust Analysis: Comprehensive packet parsing with error handling
✅ Claude Desktop Ready: Perfect integration with MCP clients
Quick Start
Install mcpcap:
pip install mcpcap
Start the MCP server:
mcpcap
Then use analysis tools with any PCAP file:
analyze_dns_packets("/path/to/dns.pcap")
analyze_dhcp_packets("https://example.com/dhcp.pcap")
analyze_icmp_packets("/path/to/network.pcap")
API Reference
Developer Guide