The packet capture library for the security community
PcapHub is a platform built for security researchers, network engineers, and CTF players who want a single, reliable place to store, discover, and share packet captures.
What PcapHub is
PcapHub is a community platform where packet captures are first-class citizens. You can upload captures, tag and describe them, and make them discoverable to anyone searching for a specific protocol, scenario, or traffic pattern.
If you need a Kerberos handshake, a TLS 1.3 negotiation, or some SMB lateral movement to reference or learn from, PcapHub is where you find it. If you have captures worth sharing, PcapHub is where you put them so others can benefit.
It is a searchable, inspectable, intelligence-enriched library for the network and security community.
Built for
Security Researchers
Store, analyse, and share real-world traffic samples. Collaborate on threat research and keep your capture library organised and accessible.
CTF Players
Upload challenge PCAPs, share write-ups, and build a personal library of interesting traffic patterns you can reference in future competitions.
Network Engineers
Store captures from troubleshooting sessions, document network behaviour over time, and pull up a reference trace whenever you need one.
What you get
Everything you need to store, analyse, and share packet captures in one place.
Full-text search
Search by title, description, protocol, tag, SHA256, or Suricata SID. Find exactly what you need across the entire library.
Browser-based packet viewer
Inspect packets, follow TCP streams, and apply display filters directly in your browser. No download required.
Automatic threat detection
Every uploaded PCAP is scanned against 49,000 Suricata ET Open rules. Alerts surface inline on the capture page automatically.
API access
Scoped API keys for programmatic upload, download, and search. Build pipelines, automate lab captures, and integrate with existing workflows.
Tags and collections
Organise captures by protocol, scenario, or project. Build a searchable library that stays useful months down the track.
Flexible visibility
Public, unlisted, or private. Share a capture with the world or keep it entirely to yourself. You are always in control.
Embeddable captures
Embed a live packet viewer directly in blog posts, write-ups, or documentation. Readers can inspect traffic without leaving your page.
Community discovery
Browse, star, and fork public captures. Build on what others have shared and contribute back to the community.
Our approach
Unlike file-sharing services, PcapHub understands what's inside your captures. Every upload is parsed, indexed, and scanned so you can search by protocol, filter by Suricata signature, or inspect packets directly in the browser without downloading anything.
We take security seriously. Captures can contain sensitive data including credentials, internal hostnames, and personal information. PcapHub enforces legal confirmation on upload, scans for PII automatically, runs Suricata IDS threat detection, and gives you full control over who can access your files.
The platform is actively developed and we are here for the long haul. If something is missing or could be better, we want to hear about it.
Start building your capture library
Join the community sharing packet captures for research, training, and threat analysis.