Capturing Credentials

Engagement Credentials Tab

The Credentials screen is used to manage usernames, passwords, and hashes discovered during an engagement. This central repository makes it easier to track, reuse, and report credentials across different hosts and services.

Features

At the top of the screen you can:

  • Add Creds – Manually add new credentials.

  • Import Creds – Bulk import credentials from supported formats.

  • Export Creds – Export the current list for offline use or reporting.

  • Clear Filters – Reset any applied filters in the table.

A search bar is also available to quickly locate specific credentials.

Credential Fields

Each row in the table represents a credential record with the following fields:

  • Host – The system where the credential was identified.

  • Service – The protocol or service (e.g., SMB, RDP, SSH).

  • Domain – The associated domain or workgroup.

  • Username – The account name.

  • Password – The cleartext password, if known.

  • Hash – A stored password hash, if captured.

  • Notes – Any additional context (e.g., “Domain Admin”).

In the example shown:

  • Host: 1.2.3.4

  • Service: smb

  • Domain: acme.local

  • Username: administrator

  • Password: password123

  • Hash: 218297e636...

  • Notes: Domain Admin

This structured view allows you to keep track of credentials across an engagement and ensure they are available for reuse during testing or reporting.

Adding Credentials Manually

From the Credentials Tab or Host Page, click the Add Creds button in the Credentials section:

Host Page - Credentials Section

All fields are optional. Set the Host field to a specific host, for example web logins are typically tied to a web server. You can also attach credentials to the Engagement for domain wide credentials such as Active Directory NTLM hashes.

Importing Credentials

From the Credentials Tab or Host Page, click the Import Creds button in the Credentials section.

Import Creds

Import credentials by loading a file or copy & paste. The formats supported are:

  • passwd

  • .shadow

  • username : password

  • username : hash

  • username : hash : hashtype

Exporting Credentials

Export Creds

The Export Creds screen provides an listing of captured credentials in various formats. These are meant to be copy & pasted into a file for use by hashcat, crackMapExec, or other tools.

Tier Availability

Credentials are available on all tiers.

PreviousAdding Ports to HostsNextHost Page

Last updated