diff --git a/scripts/include.am b/scripts/include.am
index 23eaadf2f..fafdb43ab 100644
--- a/scripts/include.am
+++ b/scripts/include.am
@@ -91,6 +91,7 @@ EXTRA_DIST +=  scripts/testsuite.pcap \
                scripts/sniffer-tls13-dh.pcap \
                scripts/sniffer-tls13-ecc.pcap \
                scripts/sniffer-tls13-gen.sh \
+               scripts/sniffer-tls13-hrr.pcap \
                scripts/ping.test \
                scripts/benchmark.test \
                scripts/memtest.sh
diff --git a/scripts/sniffer-testsuite.test b/scripts/sniffer-testsuite.test
index 69bfa50df..083974bcf 100755
--- a/scripts/sniffer-testsuite.test
+++ b/scripts/sniffer-testsuite.test
@@ -39,6 +39,16 @@ then
     [ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 DH\n" && exit 1
 fi
 
+# TLS v1.3 sniffer test hello_retry_request (HRR) with ECDHE
+if test $# -ne 0
+then
+    ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-hrr.pcap ./certs/statickeys/ecc-secp256r1.pem 127.0.0.1 11111
+
+    RESULT=$?
+    [ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 HRR\n" && exit 1
+fi
+
+
 # IPv6
 if test $# -ne 0 && test "x$1" = "x-6";
 then
diff --git a/scripts/sniffer-tls13-gen.sh b/scripts/sniffer-tls13-gen.sh
index 7f7f537c9..a98e7b4d4 100755
--- a/scripts/sniffer-tls13-gen.sh
+++ b/scripts/sniffer-tls13-gen.sh
@@ -22,3 +22,8 @@
 ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r
 ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r &
 ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r
+
+# TLS v1.3 Hello Retry Request (save this as sniffer-tls13-hrr.pcap)
+# ./configure --enable-sniffer CFLAGS="-DWOLFSSL_SNIFFER_WATCH" --disable-dh && make
+./examples/server/server -v 4 -i -x -g &
+./examples/client/client -v 4 -J
diff --git a/scripts/sniffer-tls13-hrr.pcap b/scripts/sniffer-tls13-hrr.pcap
new file mode 100644
index 000000000..c9b078967
Binary files /dev/null and b/scripts/sniffer-tls13-hrr.pcap differ
diff --git a/wolfssl/sniffer_error.rc b/wolfssl/sniffer_error.rc
index 59d8f5c9e..27bfdfe1c 100644
--- a/wolfssl/sniffer_error.rc
+++ b/wolfssl/sniffer_error.rc
@@ -113,6 +113,5 @@ STRINGTABLE
     92, "Store Data callback failed"
     93, "Loading chain input"
     94, "Got encrypted extension"
-    95, "Hello retry request"
+    95, "Got Hello Retry Request"
 }
-