Question 1

How to install net-creds on Linux?

Accepted Answer

Install dependencies like python-scapy via your package manager, then run the script with sudo; refer to the README for specific steps, though it's more detailed for OS X.

Question 2

Net-creds vs Wireshark for password sniffing

Accepted Answer

Net-creds is specialized for credential extraction with port-agnostic detection and fragmentation handling, while Wireshark offers a GUI and broader protocol analysis. Use net-creds for focused password hunting, but Wireshark for comprehensive traffic inspection.

Question 3

Can net-creds decrypt SSL/TLS traffic?

Accepted Answer

No, net-creds cannot decrypt encrypted traffic like HTTPS; it relies on sniffing plaintext or weakly encrypted credentials in protocols such as HTTP basic auth or NTLM over unencrypted channels.

Question 4

How to filter IP addresses in net-creds?

Accepted Answer

Use the -f flag followed by the IP address, as shown in the examples, to exclude packets to and from that IP, helping focus on relevant traffic during sniffing.

Question 5

Does net-creds support IPv6?

Accepted Answer

The README doesn't specify IPv6 support; it likely focuses on IPv4, so compatibility with IPv6 traffic might be limited or untested.

Question 6

How to analyze a pcap file with net-creds?

Accepted Answer

Run 'python net-creds.py -p pcapfile' to read from a pcap file, allowing offline credential extraction without live network sniffing, as demonstrated in the README examples.

Question 7

Is net-creds good for real-time monitoring?

Accepted Answer

It can sniff live interfaces, but due to its Python-based nature, it might not handle high packet rates efficiently; better suited for targeted assessments or low-traffic networks.

net-creds

What is net-creds?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions