diff --git a/shark-fin/chall.yaml b/shark-fin/chall.yaml
new file mode 100644
index 0000000..55ff56a
--- /dev/null
+++ b/shark-fin/chall.yaml
@@ -0,0 +1,15 @@
+name: Shark Fin
+categories:
+ - foren
+value: 75
+flag: camp{sH4rK_go_nOM_9f2f44f4735528}
+description: |-
+  I bugged another CTF team's network and managed to capture these packets.
+  Circumstantial evidence suggests they were trying to find a flag online -- can you help?
+hints:
+  - Wireshark is a helpful program to analyze network traffic.
+files:
+  - src: ./shark-fin.pcapng
+authors:
+  - Marvin
+visible: true
diff --git a/shark-fin/shark-fin.pcapng b/shark-fin/shark-fin.pcapng
new file mode 100644
index 0000000..e35814f
Binary files /dev/null and b/shark-fin/shark-fin.pcapng differ