What good is a large pcap if you can't mine the data, peek into it, search for terms and interactively explore conversations? We took a number of publicly available pcaps, indexed them and added a dash of Web 2.0 love. With overand, this represents thecollection of indexed pcaps online.

Network Forensics on such a large scale becomes a lonely, tiring endeavor. To cheer things up, we've added the ability for you to attach notes to packets and cross correlate interesting packets with other ones. You can also share cool searches with the rest of the community. This means you can flag packets with insightful (or not) comments about why you thought it was interesting. While you are at it, maybe you can find out who actually captured the flag?

O

Register or login to browse all datasets.

Hack.Lu 2009

Captures from a honepot for the Information Security Visualization Contest . "For the hack.lu 2009 conference, we make a contest to visualize data collected (network and tty captures) in a honeypot"

has never been this much fun!

capture_2 149 MB 1505485 packets capture_1 441 MB 1505481 packets capture_3 118 MB 1312221 packets

Defcon17

Capture the Flag event at Defcon17 published by the Diutinus Defense . "The DEFCON 17 CTF packet captures and binaries are now available via bittorrent."

ctf_dc17.10.14 477 MB 2074952 packets ctf_dc17.30.34 477 MB 2045869 packets ctf_dc17.45.49 477 MB 2032016 packets ctf_dc17.25.29 477 MB 2024474 packets ctf_dc17.15.19 477 MB 2007859 packets ctf_dc17.35.39 477 MB 2002019 packets ctf_dc17.40.44 477 MB 1984441 packets ctf_dc17.20.24 477 MB 1972216 packets ctf_dc17.5.9 477 MB 1928086 packets ctf_dc17.0.4 477 MB 1885459 packets ctf_dc17.70.74 477 MB 1826477 packets ctf_dc17.65.69 477 MB 1639862 packets ctf_dc17.60.64 477 MB 1516156 packets ctf_dc17.50.54 477 MB 1490716 packets ctf_dc17.55.59 477 MB 1291874 packets ctf_dc17.75.77 268 MB 890488 packets

Information Technology Operations Center

Captures from the 2009 Inter-Service Academy Cyber Defense Competition . "The annual competition pits the service academies, including West Point, against an actual National Security Agency Red Team. We release these data and log files in order to augment existing datasets to help develop better methods for detecting intrusions and attacks against our critical network infrastructure."

Update: If you are wondering why half of most conversations are missing, it's because of a : If you are wondering why half of most conversations are missing, it's because of a misconfiguration during the capture.

2009-04-21-04-06-19.dmp11 954 MB 1789827 packets 2009-04-21-04-06-19.dmp112 954 MB 1777878 packets 2009-04-21-04-06-19.dmp14 954 MB 1527784 packets 2009-04-21-04-06-19.dmp111 954 MB 1521127 packets 2009-04-21-04-06-19.dmp113 954 MB 1276181 packets 2009-04-21-04-06-19.dmp12 954 MB 1274925 packets 2009-04-21-04-06-19.dmp114 311 MB 1195894 packets 2009-04-21-04-06-19.dmp19 954 MB 1178794 packets 2009-04-21-04-06-19.dmp15 954 MB 1172566 packets 2009-04-21-04-06-191 954 MB 972863 packets 2009-04-21-04-06-19.dmp16 954 MB 906472 packets 2009-04-21-04-06-19.dmp18 954 MB 859192 packets 2009-04-21-04-06-19.dmp13 954 MB 677432 packets 2009-04-21-04-06-19.dmp17 954 MB 660921 packets

Defcon11

Capture the Flag event at Defcon11 published by the Shmoo Group . "This archive contains data logged during the Capture the Flag Contest at DefCon. The Shmoo Group is publishing this data to promote the creation of more secure software and to offer data for research purposes."

ulogd.znb0.2 295 MB 1223053 packets ulogd.znb3.3 355 MB 812140 packets ulogd.znb6.2 314 MB 759755 packets ulogd.znb1.2 198 MB 750415 packets ulogd.znb4.3 334 MB 662520 packets ulogd.znb5.3 334 MB 662291 packets ulogd.znb1.3 205 MB 639957 packets ulogd.znb0.3 85 MB 607051 packets ulogd.znb6.3 229 MB 599196 packets ulogd.znb3 314 MB 458776 packets ulogd.znb4.2 53 MB 417630 packets ulogd.znb5.2 53 MB 417242 packets ulogd.znb3.2 109 MB 329476 packets ulogd.znb6 191 MB 314775 packets ulogd.znb2.3 99 MB 269648 packets ulogd.znb2.2 75 MB 197519 packets ulogd.znb5 41 MB 123782 packets ulogd.znb4 41 MB 123229 packets ulogd.znb1 32 MB 83504 packets ulogd.znb2 30 MB 71967 packets ulogd.eth0.2 11 MB 30695 packets ulogd.eth0 4 MB 28995 packets ulogd.eth0.3 2 MB 9955 packets

If you know of other open repositories (with full packet contents), do let us know . We are happy to make them available to the community.