• 8793 users, 60474459 packets, 3150 pcaps, 461 protocols, 225 tags
  • New!
  • Links ▼
    • Cap'r Mak'r
    • Contribute
    • Drafts
    • FAQ
    • Forensics
    • Field Index
    • Mu DoS
    • Profile
    • Trends
    • xtractr
  • You are not logged in
  • Login
  • Register
Examples
  • http buffer overflow (basic keyword search)
  • by:mu (search for pcaps submitted by "mu")
  • sip AND "180 Ringing" (search for SIP pcaps that contain a "180 Ringing" packet)
  • "Tree Connect AndX Request" (search for SMB pcaps that contain a "Tree Connect AndX Request" packet)
  • http AND field:ipv6* (search for HTTP pcaps over IPv6)

Have you tried the Field Index? This is an easy way to find pcaps with specific protocol fields.

You must login to view, edit, upload and comment on pcaps. If you are a new user, you can register here.
  		•
    2 packets | 321 bytes
    malware_sniffer.pcap
    Fake Anti Virus MalwareMD5 : d3552ad05342169b9323877dec632443SHA1 : 7d4dcb1d0 ...
    proto: dns
    Edit spenserreinhardt October 2010
  • 2 packets | 328 bytes
    anubis.iseclab.org-adb690c6-c68d-4ab0-8ea1-0b56492b6d10.pcap
    malware from co4j.co.cc
    proto: dns
    Edit grconkli March 2011
  • 67 packets | 47 KB
    malware_traffic.pcap
    Came from Bredolab malware. Downloads more malware with the xor key being the ma ...
    proto: dns http tcp
    Edit bobb.harley September 2009
  • 13 packets | 1 KB
    bradesco.pcap
    trafic from a Brazilian banker malware...
    proto: dns http tcp
    Edit clebeer October 2009
  • 17 packets | 3 KB
    anubis.iseclab.org-5cd039b5-4f51-4172-bf9a-ad657f94cfa2.pcap
    malware
    proto: dns http tcp
    Edit grconkli October 2010
  • 83 packets | 40 KB
    traffic.pcap
    cpf irregular malware analysis.MD5 = 7615e4d9c828d38eac57dc10d817e266
    proto: dns http tcp
    Edit clebeer September 2009
  • 45 packets | 3 KB
    syrian_malware_pcapr
    proto: tcp
    tags: syria government malware al assad tracking
    Edit contact April 2012
  • 280 packets | 74 KB
    Linux_Any_Misc-00000
    proto: aoe dns fc els http http/xml icmp mdns ntp ssl tcp tlsv1
    Edit tyson.key October 2009
  • 308 packets | 280 KB
    anubis.iseclab.org-ca0e112a-e68d-442e-ba4d-0d6d59763478.pcap
    malware
    proto: dns http tcp
    Edit grconkli November 2010
  •  » More...