Pcredz extracts and dumps authentication information from either a live network capture or a pcap dump file. It works on the following (unencrypted) protocols:

- POP
- SMTP
- IMAP
- SNMP community string
- FTP
- HTTP Basic
- NTLMv1/v2 (DCE-RPC,SMBv1/2,LDAP, MSSQL, HTTP, etc)
- Kerberos (AS-REQ Pre-Auth etype 23) hashes.
It can also optionally, although with far lesser certainty, print sniffed strings that appear to be credit card numbers.