netcat

Cheat sheet: https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf

Port scanner:
nc -v -w 1 myhost -z 1-49151
Scans ports 1-49151 on myhost with a 1-second timeout for connects and final net reads.
echo -n | nc -vw 1 192.168.0.1 -z 1-99
nmap is better for scanning multiple ports.

File transfer from host A to host B: on host B (receiver) nc -lp 1234 > file.zip, then on host A (sender) nc -w 1 host_B 1234 < file.zip

Chat server: on host A nc -lp 1234, on host B nc host_A 1234. Now you can chat on both computers.

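Telnet server: nc -lp 1234 -e /bin/bash. Then connect to port 1234 from the client. The -e option exists only in netcat builds compiled with it, and the shell it exposes is unauthenticated and unencrypted.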

Spoofing HTTP headers:
nc www.google.com 80
GET / HTTP/1.1
Host: www.google.com
User-Agent: not your business
Referer: your.mom

HTTP client:
$ printf 'GET / HTTP/1.1\r\nHost: example.com\r\n\r\n' | nc example.com 80

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: text/html
Date: Fri, 14 Apr 2017 18:06:48 GMT
Etag: "359670651+gzip+ident"

Web server:
while true; do nc -l -p 80 -q 1 < error.html; done
nc -kl 8080 --sh-exec "echo -e 'HTTP/1.1 200 OK\r\n'; date" (--sh-exec is an Ncat option)
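
Detection side of the -e and --sh-exec listeners shown above, as an added example (not from the original cheat sheet): a shell function that reads process command lines, for instance from ps -eo args=, and prints netcat processes that both listen and attach a program to the socket. The function names and the sample command lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag netcat listeners that hand the socket to a program.
# Input: one command line per line, e.g. the output of `ps -eo args=`.

flag_nc_exec_listeners() {
  awk '
  {
    n = split($1, path, "/"); prog = path[n]        # basename of argv[0]
    if (prog !~ /^(nc|ncat|netcat)(\.[a-z]+)?$/) next
    listen = 0; exec_opt = 0
    for (i = 2; i <= NF; i++) {
      arg = $i
      if (arg == "--listen") listen = 1             # Ncat long form of -l
      else if (arg == "--exec" || arg == "--sh-exec") exec_opt = 1
      else if (arg ~ /^-[A-Za-z]+$/) {              # short cluster: -lp, -kl, -e
        if (arg ~ /l/) listen = 1
        if (arg ~ /e/) exec_opt = 1
      }
    }
    if (listen && exec_opt) print                   # listener with a program attached
  }'
}

# Constructed sample input (not captured from a real host).
sample_cmdlines() {
cat <<'EOF'
nc -lp 1234 -e /bin/bash
/usr/bin/ncat -kl 8080 --sh-exec echo -e 'HTTP/1.1 200 OK\r\n'; date
nc -lp 1234
nc host_A 1234
nc -l -p 80 -q 1
sshd: /usr/sbin/sshd -D -e
EOF
}

# Prints the first two sample lines only: plain listeners, clients and
# non-netcat processes are ignored.
sample_cmdlines | flag_nc_exec_listeners
```

On a live Linux host the same function can be fed with ps -eo args= | flag_nc_exec_listeners.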

Cloning disk partition: on the destination host (192.168.0.1) run nc -l -p 9000 | dd of=/dev/sda, then on the source host run dd if=/dev/sda | nc 192.168.0.1 9000. Both partitions must be unmounted. You can also clone an NTFS partition this way.