Net-Creds is a python script that you can use during penetration testing to find sensitive information in network traffic or pcap files. information may include passwords or hash. this regardless on the service or ports used by the application.

The tool works with scapy/wsgiref and allows to sniff the following data:

• URLs visited
• POST loads sent
• HTTP form logins/passwords
• HTTP basic auth logins/passwords
• HTTP searches
• FTP logins/passwords
• IRC logins/passwords
• POP logins/passwords
• IMAP logins/passwords
• Telnet logins/passwords
• SMTP logins/passwords
• SNMP community string
• NTLMv1/v2 all supported protocols like HTTP, SMB, LDAP, etc
• Kerberos

Net-Creds sniffing network traffic

The tool is simple to install and run on your system and user can add features against any application traffic he is looking to pentest. you can download the tool over this link: https://github.com/DanMcInerney/net-creds