# Capturing Credentials

## Engagement Credentials Tab

<figure><img src="/files/tB4hNknKFhDI006KBBHD" alt=""><figcaption></figcaption></figure>

The **Credentials** screen is used to manage usernames, passwords, and hashes discovered during an engagement. This central repository makes it easier to track, reuse, and report credentials across different hosts and services.

### Features

At the top of the screen you can:

* **Add Creds** – Manually add new credentials.
* **Import Creds** – Bulk import credentials from supported formats.
* **Export Creds** – Export the current list for offline use or reporting.
* **Clear Filters** – Reset any applied filters in the table.

A search bar is also available to quickly locate specific credentials.

### Credential Fields

Each row in the table represents a credential record with the following fields:

* **Host** – The system where the credential was identified.
* **Service** – The protocol or service (e.g., SMB, RDP, SSH).
* **Domain** – The associated domain or workgroup.
* **Username** – The account name.
* **Password** – The cleartext password, if known.
* **Hash** – A stored password hash, if captured.
* **Notes** – Any additional context (e.g., “Domain Admin”).

In the example shown:

* Host: `1.2.3.4`
* Service: `smb`
* Domain: `acme.local`
* Username: `administrator`
* Password: `password123`
* Hash: `218297e636...`
* Notes: `Domain Admin`

This structured view allows you to keep track of credentials across an engagement and ensure they are available for reuse during testing or reporting.

## Adding Credentials Manually

From the *Credentials* *Tab* or [Host Page](/hosts-and-services/host-page.md), click the *Add Creds* button in the *Credentials* section:

![Host Page - Credentials Section](/files/oVHdklenKA61nHF4aTiz)

<figure><img src="/files/cDyy1osQnmOaBLVmBtUv" alt=""><figcaption></figcaption></figure>

All fields are optional. Set the Host field to a specific host, for example web logins are typically tied to a web server. You can also attach credentials to the Engagement for domain wide credentials such as Active Directory NTLM hashes.

## Importing Credentials

From the *Credentials* *Tab* or [Host Page](/hosts-and-services/host-page.md), click the *Import Creds* button in the *Credentials* section.

![Import Creds](/files/kdqAz5h5tQNuoKvCtj2W)

Import credentials by loading a file or copy & paste. The formats supported are:

* passwd
* .shadow
* username : password
* username : hash
* username : hash : hashtype

## Exporting Credentials

![Export Creds](/files/Mug3B4IpyaIst7yvOJDO)

The *Export Creds* screen provides an listing of captured credentials in various formats. These are meant to be copy & pasted into a file for use by hashcat, crackMapExec, or other tools.

## Tier Availability

**Credentials** are available on all tiers.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.pentest.ws/getting-started/capturing-credentials.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.