.PCAP File Extension
Packet Capture Data
Developer | Wireshark |
Popularity |
3.4 | 60 Votes |
What is a PCAP file?
A PCAP file is a packet capture created by Wireshark, a free network data analysis program. It contains network packet data that Wireshark intercepted and logged while monitoring a network. Network administrators use PCAP files to diagnose network problems and detect malicious network activity.
More Information
PCAP is an API used to capture network data packets. Wireshark saves records of the data it captures via the PCAP API as PCAP files.
In addition to a record of a packet's contents, each PCAP file also contains metadata about the captured packet. For example, PCAP files specify a packet's source and destination, the protocol used to send the packet, and the time at which the packet was sent.
NOTE: While Wireshark is the most common program used to create PCAP files, several other packet capture programs also save captures in the PCAP format.
How to open a PCAP file
You can open a PCAP file with Wireshark. To do so:
- Select File → Open from Wireshark's menu bar.
- Navigate to and open your PCAP file.
You can also open PCAP files with several other packet analysis programs, including Netresec NetworkMiner (Windows, Linux) and A-Packets (Web).