Developer Documentation
Integrate PcapAI's intelligence into your existing security stack, AI agents, and custom workflows.
Integrate PCAP Analysis into Any Workflow
PcapAI exposes its forensics engine through two integration paths — choose the one that fits your stack.
MCP Server — for AI Agents
The MCP Server integration lets AI assistants like Claude Desktop call PcapAI's analysis tools directly during a conversation. Point the agent at a local PCAP file and ask forensic questions in plain language — the server handles deep packet inspection, threat detection, and MITRE ATT&CK mapping on your machine. No raw packet data ever leaves your environment.
REST API — for Custom Pipelines
The REST API lets you embed PCAP analysis into scripts, SIEM integrations, and backend services. Upload a capture file, poll for results, and receive structured JSON reports covering network anomalies, protocol violations, and security findings — ready to pipe into your existing ticketing or alerting systems.
What You Can Automate
Deep packet inspection and protocol analysis
Threat detection and C2 beaconing identification
MITRE ATT&CK technique mapping
Automated incident report generation
Compliance auditing for PCI DSS, HIPAA, and SOC 2
Bulk PCAP processing via API pipelines