Skip to content

Commit 5af2788

Browse files
tech4242tech4242
committed
fix: README
1 parent d85dfec commit 5af2788

File tree

1 file changed

+23
-1
lines changed

1 file changed

+23
-1
lines changed

README.md

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ MCPHawk is a passive sniffer for **Model Context Protocol (MCP)** traffic, simil
1515

1616
- It captures JSON-RPC traffic between MCP clients and WebSocket/TCP-based MCP servers (IPv4 and IPv6) e.g. from any tool, agent, or LLM
1717
- MCPHawk can reconstruct full JSON-RPC messages from raw TCP traffic without requiring a handshake.
18-
- It captures traffic "on the wire" between any MCP client and server—does not require client/server modification.
18+
- It captures traffic "on the wire" between any MCP client and server—does not require client/server modification.
1919

2020
<img src="examples/branding/mcphawk_screenshot.png" alt="MCPHawk Logo" width="100%">
2121

@@ -68,6 +68,24 @@ Non-exhaustive list:
6868
- **mcpinspector**: Best for actively testing MCP servers, crafting custom requests, interactive debugging
6969
- **Wireshark**: Best for general network analysis, non-MCP protocols, deep packet inspection
7070

71+
## TLS/HTTPS Limitations
72+
73+
MCPHawk captures **unencrypted** MCP traffic only. It cannot decrypt:
74+
- HTTPS/WSS (WebSocket Secure) connections
75+
- TLS-encrypted TCP connections
76+
- Any SSL/TLS encrypted traffic
77+
78+
**This tool is ideal for:**
79+
- 🛠️ **Local MCP development** - Debug your MCP server implementations
80+
- 🔍 **Understanding MCP protocol** - See actual JSON-RPC message flow
81+
- 🐛 **Troubleshooting local tools** - Monitor Claude Desktop, Cline, etc. with YOUR local MCP servers
82+
- 📊 **Development/staging environments** - Where TLS is often disabled
83+
84+
**Not suitable for:**
85+
- Production traffic analysis (usually encrypted)
86+
- Cloud MCP services (HTTPS/WSS)
87+
- Third-party MCP servers with TLS
88+
7189
## Installation
7290

7391
### For Users
@@ -176,6 +194,10 @@ Vote for features by opening a GitHub issue!
176194
- [ ] **Visualization** - Sequence diagrams, resource heat maps, method dependency graphs
177195
- [ ] **MCP Server Interface** - Expose captured traffic via MCP server for AI agents to query and analyze traffic patterns
178196

197+
... and a few more off the deep end:
198+
- [ ] **TLS/HTTPS Support (MITM Proxy Mode)** - Optional man-in-the-middle proxy with certificate installation for encrypted traffic
199+
- [ ] **External Decryption Integration** - Import decrypted streams from Wireshark, Chrome DevTools, or SSLKEYLOGFILE
200+
179201
## For Developers
180202

181203
```bash

0 commit comments

Comments
 (0)