Dsniff and ethereal are probably the most common tools I once used after the target has been identified. Dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.
Ethereal is a pretty decent free sniffer with a great deal of filters and options. Ettercap works pretty well to for sniffing SSL passwords... Just for prooof of concept, here how easy it is- granted the user has to accept the bogus formed cert..