Plaintext protocols (like HTTP, FTP, SNMP, SMTP) are widely used within organizations. Being able to capture and parse that traffic could offer attackers valuable information like sensitive files, passwords or hashes. There are many ways an attacker can obtain a man-in-the-middle position, ARP poisoning being the most common and effective one.
# extract credentials from a pcap file
Pcredz -f "file-to-parse.pcap"
# extract credentials from all pcap files in a folder
Pcredz -d "/path/to/pcaps/"
# extract credentials from a live packet capture on a network interface
Pcredz -i $INTERFACE -v