Google Summer of Code 2020

Each year Google brings students and open source projects together in the Google Summer of Code. This page tracks Wireshark's participation in GSoC 2020.


The ideas below have been contributed by Wireshark's community of developers and users. Some of them are "what ifs". Some are based on very specific and immediate needs. Either way, if you are a student you should contact the submitter/mentor or the wireshark-dev mailing list for background information or clarification before submitting your proposal. More information about wireshark-dev and complete list archives can be found on the mailing lists page.

If you are adding an idea below, please be as clear and provide as much information as possible. Projects that can be completed in about 12 weeks are preferred.


We're collecting proposals for projects. See "Ideas" below.

Important dates (from Timeline):

The Nmap SoC page has some good guidelines for students including:


As discussed at please use the following template. Proposals should be sorted alphabetically by title.

Please provide as much information as possible.

USB Audio/Video stream export

Summary. Wireshark features RTP stream analysis and filtering. It would be nice to have similar functionality for USB Audio and/or USB Video class devices. USB Audio devices describe the supported audio formats in class-specific descriptors. Information from descriptors alongside with control requests can be used to determine the format used in isochronous transfers (e.g. 16-bit PCM).

Expected Result. Ability to playback captured USB Audio streams.

Mentor(s). Tomasz Moń

Prerequisites. C, C++, Qt

Area(s) of Wireshark. libwireshark (dissector), UI

USB HID Report Descriptor parser

Summary. Wireshark currently has basic USB HID class dissector. While it is capable of dissecting the HID Report Descriptor itself, it only annotates the bytes within the descriptor. The USB HID dissector does not parse the HID Report Descriptor and does not build any report format representation based on it. The goal is that instead of showing "Leftover Capture Data" for the interrupt transfers (HID Reports) it would show what individual bytes mean (e.g. buttons state).

Expected Result. USB HID Reports would be dissected based on the HID Report Descriptor present in the capture.

Mentor(s). Tomasz Moń

Prerequisites. C, Compiler Theory, USB HID

Area(s) of Wireshark. libwireshark (dissector)

Summary. Wireshark 3.2.0 includes basic USB Link Layer dissector. It currently only works at the USB packet level. The goal is to extend the dissector in a way that it would reassemble the transfers (including SPLIT transactions) and pass reassembled data to USB dissector ("URB dissector").

Expected Result. Existing USB class dissectors (e.g. Audio) dissecting USB transfers reassembled from the USB packets captured by hardware USB sniffer (e.g. OpenVizsla).

Mentor(s). Tomasz Moń

Prerequisites. C, USB 2.0

Area(s) of Wireshark. libwireshark (dissector)

Extcap interface improvements

Summary. Wireshark extcap interface allows easy integration of various capture sources. While the extcap interface is generally working fine, there are some outstanding bugs that limit its usefulness. The project idea is to fix multiple extcap related bugs/feature requests, e.g. properly indicate capture source, bookmark extcap options as new "interface", reduce number of configuration calls to extcap binary, implement grouping in selector options.

Expected Result. Improved extcap interface support, lower amount of open extcap bugs.

Mentor(s). Tomasz Moń

Prerequisites. C, C++, Qt

Area(s) of Wireshark. extcap, UI

SSH decryption support

Summary. Wireshark supports dissection of the initial plaintext SSH protocol messages, but support is missing for decryption of encrypted protocol messages (authentication messages, shell commands and output, file transfers (SFTP), forwarded ports, etc.). To enable dissection of the latter protocol messages, decryption has to be implemented in Wireshark based on externally supplied secrets. These external secrets can be obtained from an existing SSH client or server using a debugger or other means (to be implemented).

(See also

Expected Result. Ability to (1) decrypt !SSHv2 packet captures with modern ciphers based on (2) externally provided shared Diffie-Hellman secrets, and (3) dissect the resulting plaintext protocol messages.

Mentor(s). Peter Wu

Prerequisites. C, basic cryptography preferred (familiarity with Diffie-Hellman, ChaCha20-Poly1305, AES-GCM/CBC).

Area(s) of Wireshark. libwireshark (dissector)

GSoC2020 (last edited 2020-01-03 20:55:06 by PeterWu)