- http buffer overflow (basic keyword search)
- by:mu (search for pcaps submitted by "mu")
- sip AND "180 Ringing" (search for SIP pcaps that contain a "180 Ringing" packet)
- "Tree Connect AndX Request" (search for SMB pcaps that contain a "Tree Connect AndX Request" packet)
- http AND field:ipv6* (search for HTTP pcaps over IPv6)
Have you tried the Field Index? This is an easy way to find pcaps with specific protocol fields.