https://github.com/divonisimon97/extracting-login-credentials-from-http-traffic

Inspecting and capturing unencrypted web traffic, then looking for login credentials sent in plain text.
https://github.com/divonisimon97/extracting-login-credentials-from-http-traffic

extracting-data http

Last synced: 4 months ago
JSON representation

Inspecting and capturing unencrypted web traffic, then looking for login credentials sent in plain text.

• Host: GitHub
• URL: https://github.com/divonisimon97/extracting-login-credentials-from-http-traffic
• Owner: divonisimon97
• Created: 2025-02-07T22:32:24.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2025-02-25T02:08:56.000Z (over 1 year ago)
• Last Synced: 2025-06-04T21:11:32.943Z (12 months ago)
• Topics: extracting-data, http
• Homepage:
• Size: 13.7 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# 
Extracting Login Credentials from HTTP Traffic 


Description

In this project, I use Wireshark to capture and inspect unencrypted HTTP traffic, focusing on how sensitive data, such as login credentials, can be exposed when transmitted over non-HTTPS connections.




Languages and Utilities Used


- Wireshark (4.4.3)

- Test HTTP Website (http://testphp.vulnweb.com/login.php) 

Environments Used 


- Windows 11 (24H2)

- PfSense (Version 2.7.2)

Program walk-through:




Launch Wireshark: 










Capture Traffic: 










Launch the Website & Enter Login Info: 










Filter and Inspect HTTP Traffic:  










Locate HTTP POST request: 










Open HTML Form URL Encoded & Extract Login Credentials: