{"id":13539842,"url":"https://github.com/lgandx/pcredz","last_synced_at":"2025-05-14T04:07:58.261Z","repository":{"id":15765279,"uuid":"18504145","full_name":"lgandx/PCredz","owner":"lgandx","description":"This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.","archived":false,"fork":false,"pushed_at":"2025-01-27T10:34:00.000Z","size":123,"stargazers_count":2100,"open_issues_count":11,"forks_count":412,"subscribers_count":102,"default_branch":"master","last_synced_at":"2025-04-11T00:44:18.286Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lgandx.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"lgandx","patreon":"PythonResponder","custom":"https://paypal.me/PythonResponder"}},"created_at":"2014-04-07T02:03:33.000Z","updated_at":"2025-04-05T12:26:20.000Z","dependencies_parsed_at":"2024-01-07T01:13:31.148Z","dependency_job_id":"81629b68-035c-4df8-b268-209d38fc680c","html_url":"https://github.com/lgandx/PCredz","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lgandx%2FPCredz","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lgandx%2FPCredz/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lgandx%2FPCredz/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lgandx%2FPCredz/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lgandx","download_url":"https://codeload.github.com/lgandx/PCredz/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254069637,"owners_count":22009558,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T09:01:32.823Z","updated_at":"2025-05-14T04:07:53.242Z","avatar_url":"https://github.com/lgandx.png","language":"Python","funding_links":["https://github.com/sponsors/lgandx","https://patreon.com/PythonResponder","https://paypal.me/PythonResponder"],"categories":["\u003ca id=\"f13469c9891173804423be4403b2c4ff\"\u003e\u003c/a\u003epcap","\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","\u003ca id=\"3ed50213c2818f1455eff4e30372c542\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"eb49514924c3f4bf2acf6f3a4436af13\"\u003e\u003c/a\u003e未分类","\u003ca id=\"a9494547a9359c60f09aea89f96a2c83\"\u003e\u003c/a\u003e后渗透","\u003ca id=\"12abc279c69d1fcf10692b9cb89bcdf7\"\u003e\u003c/a\u003e未分类-post-exp"],"readme":"# PCredz\n\nThis tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.\n\n## Features\n\n- Extract from a pcap file or from a live interface IPv4 and IPv6:\n  - Credit card numbers\n  - POP\n  - SMTP\n  - IMAP\n  - SNMP community string\n  - FTP\n  - HTTP (NTLM/Basic/HTTP Forms)\n  - NTLMv1/v2 (DCE-RPC,SMBv1/2,LDAP, MSSQL, HTTP, etc)\n  - Kerberos (AS-REQ Pre-Auth etype 23) hashes.\n\n- All hashes are displayed in a hashcat format (use -m 7500 for kerberos, -m 5500 for NTLMv1, -m 5600 for NTLMv2).\n- Log all credentials and information to a file (CredentialDump-Session.log).\n- Log credentials in the logs/ folder. MSKerb.txt, NTLMv1.txt and NTLMv2.txt can be directly fed to hashcat. \n\n## Install\n\n### Docker\nInstall docker and clone the repo\n\nBuild the container\n```bash\n$ docker build . -t pcredz\n```\n\nThen use the command below to map the current working directory inside the Pcredz container. This is useful for moving .pcap files to parse or for retrieving log files from a live capture.\n```bash\n$ docker run --net=host -v $(pwd):/opt/Pcredz -it pcredz\n```\n\n### Linux\n\nOn a debian based OS bash:\n\n```bash\napt install python3-pip \u0026\u0026 sudo apt install libpcap-dev \u0026\u0026 sudo apt install file \u0026\u0026 pip3 install Cython \u0026\u0026 pip3 install python-libpcap\n```\n\n## Usage\n \n ```\n # extract credentials from a pcap file\npython3 ./Pcredz -f file-to-parse.pcap\n\n# extract credentials from all pcap files in a folder\npython3 ./Pcredz -d /tmp/pcap-directory-to-parse/\n\n# extract credentials from a live packet capture on a network interface (need root privileges)\npython3 ./Pcredz -i eth0 -v\n```\n\n### Options\n\n```\n  -h, --help          show this help message and exit\n  -f capture.pcap     Pcap file to parse\n  -d /home/pnt/pcap/  Pcap directory to parse recursivly\n  -i eth0             interface for live capture\n  -v                  More verbose.\n  -o output_dir       Store log files in output_dir instead of the directory containing Pcredz.\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flgandx%2Fpcredz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flgandx%2Fpcredz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flgandx%2Fpcredz/lists"}