.PCAP File Extension

Packet Capture Data

Developer Wireshark
Popularity
3.4  |  59 Votes
 

What is a PCAP file?

A PCAP file is a packet capture created by Wireshark, a free network data analysis program. It contains network packet data that Wireshark intercepted and logged while monitoring a network. Network administrators use PCAP files to diagnose network problems and detect malicious network activity.

More Information

Screenshot of a .pcap file in Wireshark
PCAP file open in Wireshark

PCAP is an API used to capture network data packets. Wireshark saves records of the data it captures via the PCAP API as PCAP files.

In addition to a record of a packet's contents, each PCAP file also contains metadata about the captured packet. For example, PCAP files specify a packet's source and destination, the protocol used to send the packet, and the time at which the packet was sent.

NOTE: While Wireshark is the most common program used to create PCAP files, several other packet capture programs also save captures in the PCAP format.

How to open a PCAP file

You can open a PCAP file with Wireshark. To do so:

  1. Select File → Open from Wireshark's menu bar.
  2. Navigate to and open your PCAP file.

You can also open PCAP files with several other packet analysis programs, including Netresec NetworkMiner (Windows, Linux) and A-Packets (Web).

Open over 400 file formats with File Viewer Plus.Free Download

Programs that open PCAP files

Windows
Wireshark
Free
Netresec NetworkMiner
Free Trial
WinDump
Free
Mac
Wireshark
Free
Linux
Wireshark
Free
Netresec NetworkMiner
Free Trial
tcpdump
Free
Web
A-Packets
Free+

Verified by FileInfo.com

The FileInfo.com team has independently researched the Packet Capture Data file format and Mac, Windows, and Linux apps listed on this page. Our goal is 100% accuracy and we only publish information about file types that we have verified.

If you would like to suggest any additions or updates to this page, please let us know.

‹ .PCACHE  |  .PCAP2 ›