ncat
Read and write data across networks
TLDR
Listen for input on the specified port and write it to the specified file
Accept multiple connections and keep ncat open after they have been closed
Write output of specified file to the specified host on the specified port
Accept multiple incoming connections on an encrypted channel evading detection of traffic content
Connect to an open ncat connection over SSL
Check connectivity to a remote host on a particular port with timeout
SYNOPSIS
ncat [OPTIONS] [hostname] [port]
PARAMETERS
-l, --listen
Listen for incoming connections rather than initiating a connection to a remote host.
-p, --port <port>
Specify the source port for client connections or the listening port for server mode.
-u, --udp
Use UDP for connections instead of the default TCP.
-v, --verbose
Increase verbosity (use multiple times for more details) to display connection status, errors, and data flow.
-z, --zero-io
Zero-I/O mode. Report status of listening or connecting without sending any data. Useful for port scanning.
--ssl
Enable SSL encryption for the connection. ncat will act as an SSL client or server.
-c, --sh-exec <command>
Execute the specified command via /bin/sh after a connection is established. Standard input/output are redirected to the network connection.
-e, --exec <command>
Execute the specified command directly (without /bin/sh) after a connection is established. Standard input/output are redirected to the network connection.
-k, --keep-open
In listen mode, keep listening after a client disconnects so that multiple connections can be accepted.
--proxy <addr:port>
Connect through a specified HTTP or SOCKS proxy server.
--proxy-type <type>
Specify the proxy type: http, socks4, or socks5.
-6, --ipv6
Use IPv6 only. By default, ncat attempts to use IPv6 if supported and falls back to IPv4.
--broker
Enable broker mode: multiple clients can connect to ncat, and all data sent by one client is relayed to all the others.
--chat
Enable chat mode, similar to --broker but with a prefix for each message indicating the source.
--telnet
Negotiate Telnet options with the remote host. Useful when connecting to Telnet services.
--allow <addr(s)>
Allow only specified hosts/networks to connect when in listen mode. Supports comma-separated lists and CIDR notation.
--deny <addr(s)>
Deny specified hosts/networks from connecting when in listen mode. Overrides --allow.
DESCRIPTION
ncat, part of the Nmap Project, is a powerful and versatile networking utility that reads and writes data across network connections using TCP or UDP. It's a modern re-implementation and enhancement of the classic Netcat tool, designed to be more reliable, secure, and feature-rich. ncat supports a wide array of functionalities, including IPv4/IPv6, SSL encryption, HTTP/SOCKS proxying, connection brokering, port scanning, and general data transfer. Its flexibility makes it an invaluable tool for network administrators, security professionals, and developers for tasks ranging from simple data transfer and server testing to complex network debugging and security analysis. It can operate in various modes, such as a client connecting to a server, a server listening for incoming connections, or even as a proxy.
CAVEATS
When using ncat in listen mode with options like -e or -c to execute commands, be extremely cautious as this can create a significant security vulnerability (e.g., a 'reverse shell') if the host running ncat is exposed to untrusted networks. Always ensure proper firewall rules and access controls are in place. Listening on privileged ports (ports below 1024) typically requires root privileges. SSL/TLS functionality relies on the underlying OpenSSL library, and its behavior may vary depending on the OpenSSL version and configuration.
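One way to audit for the exposure described above, as an added example that is not part of the original page or of the Nmap Project's code: it parses ncat command lines (for instance, taken from a process listing) and flags listeners that combine -l with -e or -c and carry no --allow restriction. The function names, result labels and sample command lines are constructed for illustration, and only options documented on this page are recognised.

```python
import shlex

# Short options that consume a value, as documented on this page (-p, -c, -e).
SHORT_WITH_ARG = {"p", "c", "e"}
LONG_ALIASES = {"--listen": "l", "--sh-exec": "c", "--exec": "e", "--port": "p"}
LONG_WITH_ARG = {"--sh-exec", "--exec", "--port", "--allow", "--deny"}

def parse_ncat(cmdline):
    """Return {option: value-or-True} for one ncat command line."""
    tokens = shlex.split(cmdline)
    opts, i = {}, 1                       # tokens[0] is the program name
    while i < len(tokens):
        tok = tokens[i]
        if tok.startswith("--"):
            name, eq, val = tok.partition("=")   # handles --port=8080
            if name in LONG_WITH_ARG and not eq:
                i += 1                           # value is the next token
                val = tokens[i] if i < len(tokens) else ""
            opts[LONG_ALIASES.get(name, name)] = val if name in LONG_WITH_ARG else True
        elif tok.startswith("-") and len(tok) > 1:
            # Bundled short options such as -lkp 4444
            for pos, ch in enumerate(tok[1:], start=1):
                if ch in SHORT_WITH_ARG:
                    rest = tok[pos + 1:]         # value glued on, e.g. -p4444
                    if not rest:
                        i += 1
                        rest = tokens[i] if i < len(tokens) else ""
                    opts[ch] = rest
                    break
                opts[ch] = True
        i += 1
    return opts

def assess(cmdline):
    """Return 'exec-listener-open', 'exec-listener-restricted' or 'ok'."""
    o = parse_ncat(cmdline)
    if "l" in o and ("e" in o or "c" in o):
        return "exec-listener-restricted" if "--allow" in o else "exec-listener-open"
    return "ok"

# Constructed sample command lines (not taken from any real host).
SAMPLES = [
    "ncat -l -p 12345",
    "ncat -lkp 4444 -e /opt/app/handler",
    "ncat --listen --port=8080 --sh-exec 'echo hi' --allow 10.0.0.0/8",
    "ncat --ssl example.test 4433",
]
if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{assess(s):26} {s}")
```

A listener reported as exec-listener-restricted still deserves review: --allow narrows who can connect but does not authenticate them.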
COMMON USE CASES
- Simple TCP Client/Server: Use ncat -l -p 12345 on one machine to listen, and ncat <server_IP> 12345 on another to connect and exchange text.
- File Transfer: On the sender: cat file.txt | ncat <receiver_IP> 12345. On the receiver: ncat -l -p 12345 > file.txt.
- Port Scanning: ncat -vz <target_IP> 80 (reports whether a port on the target is open; ncat accepts a single port per invocation, so run it once per port).
- Simple HTTP Server: ncat -l -p 8080 --sh-exec 'printf "HTTP/1.1 200 OK\r\n\r\nHello Ncat!\r\n"' (serves a simple page).
- SSL Encrypted Connection: ncat --ssl -l -p 4433 (server) and ncat --ssl <server_IP> 4433 (client) for secure communication.
HISTORY
ncat is a modern, feature-rich reimplementation of the classic netcat utility, developed as part of the Nmap Project. The original netcat (often just called nc) was a legendary tool but suffered from a lack of consistent features across its various implementations and often lacked ongoing maintenance. ncat was created to address these issues by providing a unified, well-maintained, and enhanced version of netcat. It began development around 2007, introducing capabilities like SSL support, HTTP/SOCKS proxying, connection brokering, and better cross-platform compatibility, making it the preferred choice for many modern network tasks.