PCAPNG (.pcapng)
.pcapng file signature | application/vnd.tcpdump.pcapng
PCAP Next Generation Dump File Format[3]
Magic Bytes
Offset 0
0A 0D 0D 0A
Sources: Apache Tika, Wikipedia
Extension
.pcapng
MIME Type
application/vnd.tcpdump.pcapng
Byte Offset
0
Risk Level
Safe
Validation Code
How to validate .pcapng files in Python
def is_pcapng(file_path: str) -> bool:
"""Check if file is a valid PCAPNG by magic bytes."""
signature = bytes([0x0A, 0x0D, 0x0D, 0x0A])
with open(file_path, "rb") as f:
return f.read(4) == signatureHow to validate .pcapng files in Node.js
function isPCAPNG(buffer: Buffer): boolean {
const signature = Buffer.from([0x0A, 0x0D, 0x0D, 0x0A]);
return buffer.subarray(0, 4).equals(signature);
}How to validate .pcapng files in Go
func IsPCAPNG(data []byte) bool {
signature := []byte{0x0A, 0x0D, 0x0D, 0x0A}
if len(data) < 4 {
return false
}
return bytes.Equal(data[:4], signature)
}API Endpoint
/api/v1/pcapng
curl https://filesignature.org/api/v1/pcapng
See the full API documentation for all endpoints and parameters.
Frequently Asked Questions
What is a .pcapng file?
A .pcapng file is a PCAPNG file. PCAP Next Generation Dump File Format[3]
What are the magic bytes for .pcapng files?
The magic bytes for PCAPNG files are 0A 0D 0D 0A at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.
How do I validate a .pcapng file?
To validate a .pcapng file, read the first bytes of the file and compare them against the known magic bytes (0A 0D 0D 0A) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.
What is the MIME type for .pcapng files?
The primary MIME type for .pcapng files is application/vnd.tcpdump.pcapng.
Is it safe to open .pcapng files?
PCAPNG (.pcapng) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.