Ncat Users' Guide

Table of Contents

Ncat: Your General-Purpose Network Connector

Ncat is a general-purpose command-line tool for reading, writing, redirecting, and encrypting data across a network. It aims to be your network Swiss Army knife, handling a wide variety of security testing and administration tasks. Ncat is suitable for interactive use or as a network-connected back end for other tools. Ncat can:

  • Act as a simple TCP/UDP/SCTP/SSL client for interacting with web servers, telnet servers, mail servers, and other TCP/IP network services. Often the best way to understand a service (for fixing problems, finding security flaws, or testing custom commands) is to interact with it using Ncat. This lets you you control every character sent and view the raw, unfiltered responses.

  • Act as a simple TCP/UDP/SCTP/SSL server for offering services to clients, or simply to understand what existing clients are up to by capturing every byte they send.

  • Redirect or proxy TCP/UDP/SCTP traffic to other ports or hosts. This can be done using simple redirection (everything sent to a port is automatically relayed somewhere else you specify in advance) or by acting as a SOCKS or HTTP proxy so clients specify their own destinations. In client mode, Ncat can connect to destinations through a chain of anonymous or authenticated proxies.

  • Run on all major operating systems. We distribute Linux, Windows, and Mac OS X binaries, and Ncat compiles on most other systems. A trusted tool must be available whenever you need it, no matter what computer you're using.

  • Encrypt communication with SSL, and transport it over IPv4 or IPv6.

  • Act as a network gateway for execution of system commands, with I/O redirected to the network. It was designed to work like the Unix utility cat, but for the network.

  • Act as a connection broker, allowing two (or far more) clients to connect to each other through a third (brokering) server. This enables multiple machines hidden behind NAT gateways to communicate with each other, and also enables the simple Ncat chat mode.

These capabilities become even more powerful and versatile when combined.

Ncat is our modern reinvention of the venerable Netcat (nc) tool released by Hobbit in 1996. While Ncat is similar to Netcat in spirit, they don't share any source code. Instead, Ncat makes use of Nmap's well optimized and tested networking libraries. Compatibility with the original Netcat and some well known variants is maintained where it doesn't conflict with Ncat's enhancements or cause usability problems. Ncat adds many capabilities not found in Hobbit's original nc, including SSL support, proxy connections, IPv6, and connection brokering. The original nc contained a simple port scanner, but we omitted that from Ncat because we have a preferred tool for that function.

This guide starts with examples of basic Ncat usage, then moves on to more advanced features. Those are followed by practical sections which use examples to demonstrate how Ncat can solve common real-world problems. A few neat Ncat tricks are covered as well.