I am often asked this question of where to access PCAP or PCAP-NG files so that folks can explore packet captures using Wireshark. I have always provided these resources in my Wireshark classes at the Online School, but thought I should also just list them here for public consumption.
Look up the hashtag “captureeveryday” in Twitter.
I always suggest starting here: our ultimate PCAP file that has hundreds of protocols in it for learning, analysis, etc.: https://www.cellstream.com/download/our-ultimate-pcap-file/
Furthermore, I have always said “Capture Every Day” as advice to my students and anyone looking to become a skilled Wireshark Analyst. This list below will help you get there.
So here they are with a brief description for each.
- WIRESHARK.ORG Web Site has their own Sample Capture page:https://wiki.wireshark.org/SampleCaptures?highlight=%28capture%29%7C%28files%29
- PACKETLIFE.NET – a pretty good colllection of packet captures: https://packetlife.net/captures/
- HONETNET.ORG, where you can challenge yourself – look for the pcap challenges here: https://www.honeynet.org/challenges/
- NETRESEC, this is a comprehensive list of packet captures or places where you will find packet captures (look especially towards the bottom of the page): https://www.netresec.com/?page=PcapFiles
- MALWARE TRAFFIC ANALYSIS is a source for packet capture (pcap) files and malware samples: https://www.malware-traffic-analysis.net/index.html
Have I missed any?
Comments are welcomed below from registered users. You can also leave comments at our Discord server.
If you would like to see more content and articles like this, please support us by clicking the patron link where you will receive free bonus access to courses and more, or simply buying us a cup of coffee!