Netcredz
With zero dependencies, NetCredz extracts credentials from pcap files or live traffic, supporting NTLM, LDAP, HTTP, SMTP, SNMP, Telnet, FTP, and Kerberos, while also detecting DHCPv6 and LLMNR traffic. Inspired by PCredz from Laurent Gaffie
Install / Use
/learn @joey-melo/NetcredzREADME
NetCredz
NetCredz is a lightweight, dependency-free tool for extracting cleartext credentials and authentication data from network traffic. Inspired by PCredz, it provides enhanced functionality while maintaining simplicity and efficiency.
Features
- Parse pcap files or listen on live network interfaces.
- Filter traffic by specific protocols to reduce clutter.
- Support for regex filtering to search for specific patterns or strings.
- Output results to a log file for easy analysis.
Install
git clone https://github.com/joey-melo/netcredz.git
Usage
Run with a pcap file:
python3 netcredz -f capture.pcap
Run on a live network interface:
python3 netcredz -i eth0
Options
options:
-h, --help show this help message and exit
-i INTERFACE, --interface INTERFACE
interface
-f FILE, --file FILE pcap file path
-d, --debug debug mode
-v, --verbose verbosity level
-c FILTERS, --capture-methods FILTERS
capture methods
-r REGEX, --regex REGEX
regex string
-o OUTPUT, --output OUTPUT
output log file path (csv)
Supported Protocol
NetCredz supports the following protocols for filtering:
ntlm, ldap, http, smtp, snmp, telnet, ftp, kerberos, dhcpv6, llmnr
Future Enhancements
- Implement remote logging to send captured data to a listening server.
- Implement python2 version for backward compatibility.
