Cain & Able is very easy to use tool for ARP Poisoning Attack, and at the same time it is powerful.
It has ability to do Man-In-The Middle against the RDP “Remote Desktop Protocol” using which attacker can actually sniff Keystrokes being typed in RDP session, and believe me this can be used in most of real environment while doing Penetration testing
Although ARP Generates lot of traffic, it is worth if you can get hold of credentials ;) in some cases.
Below screenshot shows option where you will find ARP RDP Session details.
"cd \" command is executed in RDP session.
Imagine if someone is trying to Log in to other machine from RDP using SMB....or SSH ;)
Hope this helps.