PCAPNG

application/vnd.tcpdump.pcapng

Safe

Magic Bytes

Offset: 0
0A 0D 0D 0A

PCAP Next Generation (PCAPNG) is a standardized data format developed by the network community for capturing, storing, and sharing network traffic packets. It is primarily utilized by network administrators and security analysts for packet analysis, troubleshooting, and protocol auditing using tools such as Wireshark or tcpdump. As the successor to the original PCAP format, it supports enhanced features including multiline comments and interface information while remaining safe for offline storage and analysis.

Extension

.pcapng

MIME Type

application/vnd.tcpdump.pcapng

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .pcapng files in Python

Python 
def is_pcapng(file_path: str) -> bool:
    """Check if file is a valid PCAPNG by magic bytes."""
    signature = bytes([0x0A, 0x0D, 0x0D, 0x0A])
    with open(file_path, "rb") as f:
        return f.read(4) == signature

How to validate .pcapng files in Node.js

Node.js 
function isPCAPNG(buffer: Buffer): boolean {
  const signature = Buffer.from([0x0A, 0x0D, 0x0D, 0x0A]);
  return buffer.subarray(0, 4).equals(signature);
}
Go 
func IsPCAPNG(data []byte) bool {
    signature := []byte{0x0A, 0x0D, 0x0D, 0x0A}
    if len(data) < 4 {
        return false
    }
    return bytes.Equal(data[:4], signature)
}

API Endpoint

GET /api/v1/pcapng
curl https://filesignature.org/api/v1/pcapng

Related Formats

.pcap .hpapp .pdn .xls .aba .adx .jx .odi .wri