I am often asked this question of where to access PCAP or PCAP-NG files so that folks can explore packet captures using Wireshark. I have always provided these resources in my Wireshark classes at the Online School, but thought I should also just list them here for public consumption.
Look up the hashtag “captureeveryday” in Twitter.
Furthermore, I have always said “Capture Every Day” as advice to my students and anyone looking to become a skilled Wireshark Analyst. This list below will help you get there.
So here they are with a brief description for each.
- WIRESHARK.ORG Web Site has their own Sample Capture page:https://wiki.wireshark.org/SampleCaptures?highlight=%28capture%29%7C%28files%29
- PACKETLIFE.NET – a pretty good colllection of packet captures: https://packetlife.net/captures/
- HONETNET.ORG, where you can challenge yourself – look for the pcap challenges here: https://www.honeynet.org/challenges/
- NETRESEC, this is a comprehensive list of packet captures or places where you will find packet captures (look especially towards the bottom of the page): https://www.netresec.com/?page=PcapFiles
- MALWARE TRAFFIC ANALYSIS is a source for packet capture (pcap) files and malware samples: https://www.malware-traffic-analysis.net/index.html
Have I missed any?
Please add comments below of where you get packet captures for learning and exploring.