This is our old Q&A Site. Please post any new questions and answers at

We are trying to find large numbers (1,000-10,000) of pcap files for both discreet individual malicious network events as well as pcaps for "normal" network traffic.

We have been using metasploit and wireshark but are looking to extend the breadth and depth of the library we use for testing.

Are there any repositories that would contain that many pcaps of individual events, or companies that specialize in capturing that kind of data?

Thanks in advance,

asked 09 Mar '17, 06:34

dougv's gravatar image

accept rate: 0%

Not that many files that I know of - this sounds like you're trying to train a software with bad and normal traffic. Problem is, that network captures are almost always sensitive in nature, so nobody is just capturing tons of them and providing them to the public... so you're probably stuck with smaller sets of files on the various sites that publish them; a good starter page (which you probably already know) is

permanent link

answered 09 Mar '17, 06:48

Jasper's gravatar image

Jasper ♦♦
accept rate: 18%

Yes Jasper... that's exactly the purpose. We've pulled all the ones on sites like netresec and are now looking to broaden the sample size we are using for each "event" (normal vs. malicious). I figured if anyone was doing it in the quantities that would be useful for us, that it would be in a lab environment. Thanks for info.

(09 Mar '17, 06:55) dougv

I was going to suggest pcapr, but they don't allow commercial reuse.

(09 Mar '17, 07:00) grahamb ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 09 Mar '17, 06:34

question was seen: 1,355 times

last updated: 09 Mar '17, 07:00

p​o​w​e​r​e​d by O​S​Q​A