How to Read .cap Packet Capture File on Mac OS X with tcpdump
Whether performing a packet trace or sniffing and capturing packets from a network, the result is usually the creation of a .cap capture file. That .cap, pcap, or wcap packet capture file is created regardless of what you’re using to sniff a network, a fairly common task among network administrators and security professionals. Perhaps the easiest way to open, read, and interpret a .cap file is using the built-in tcpdump utility on a Mac or Linux machine.