# netcat (nc) — The TCP/IP Swiss Army Knife

> Practical guide to netcat (nc) — read and write raw TCP and UDP connections, scan ports, transfer files, and debug network services from the command line.

Source: https://www.jpkc.com/db/en/cheatsheets/networking/nc/

<!-- PROSE:intro -->
netcat (nc) is the TCP/IP Swiss Army knife: a single command lets you read and write raw data across TCP and UDP connections, scan ports, transfer files between machines, and debug network services straight from the shell. Available on virtually every Unix system without extra dependencies, nc is the first tool administrators reach for when something on the network needs a quick check. This guide covers the most useful options for legitimate admin and diagnostic work – from a fast port scan to a compressed directory transfer.
<!-- PROSE:intro:end -->

## TCP Connections

`nc <host> <port>` — Connect to a TCP port.

```bash
nc example.com 80
```

`nc -v <host> <port>` — Connect with verbose output.

```bash
nc -v example.com 443
```

`nc -z <host> <port>` — Port scan: check if a port is open (no data sent).

```bash
nc -zv example.com 80
```

`nc -z <host> <start>-<end>` — Scan a range of ports.

```bash
nc -zv localhost 3000-3100
```

`nc -w <seconds> <host> <port>` — Set a connection timeout.

```bash
nc -w 5 -zv example.com 443
```

## Listen & Server

`nc -l <port>` — Listen on a TCP port (simple server).

```bash
nc -l 8080
```

`nc -lk <port>` — Listen and keep accepting connections (persistent).

```bash
nc -lk 8080
```

`nc -l <port> > <file>` — Listen and save received data to a file.

```bash
nc -l 9999 > received.tar.gz
```

`nc <host> <port> < <file>` — Send a file to a listening netcat.

```bash
nc 192.168.1.10 9999 < backup.tar.gz
```

## UDP

`nc -u <host> <port>` — Connect via UDP instead of TCP.

```bash
nc -u localhost 5000
```

`nc -lu <port>` — Listen for UDP packets.

```bash
nc -lu 5000
```

`echo '<data>' | nc -u <host> <port>` — Send a UDP message.

```bash
echo 'test message' | nc -u localhost 5000
```

## HTTP & Testing

`echo -e 'GET / HTTP/1.1\r\nHost: <host>\r\n\r\n' | nc <host> 80` — Send a raw HTTP GET request.

```bash
echo -e 'GET / HTTP/1.1\r\nHost: example.com\r\n\r\n' | nc example.com 80
```

`nc -l 8080 <<< 'HTTP/1.1 200 OK\r\n\r\nHello'` — Create a minimal one-shot HTTP server.

```bash
while true; do echo -e 'HTTP/1.1 200 OK\r\n\r\nHello' | nc -l 8080; done
```

`echo 'QUIT' | nc <host> 25` — Test if an SMTP server is responding.

```bash
echo 'QUIT' | nc -w 3 mail.example.com 25
```

## File Transfer

`nc -l <port> > <file>  (receiver)` — Receive a file (run on destination machine).

```bash
nc -l 9999 > backup.tar.gz
```

`nc <host> <port> < <file>  (sender)` — Send a file (run on source machine).

```bash
nc 192.168.1.10 9999 < backup.tar.gz
```

`tar czf - <dir> | nc <host> <port>` — Send a directory as a compressed stream.

```bash
tar czf - project/ | nc 192.168.1.10 9999
```

`nc -l <port> | tar xzf -` — Receive and extract a compressed stream.

```bash
nc -l 9999 | tar xzf -
```

## Common Patterns

`nc -zv <host> <port> 2>&1 | grep succeeded` — Quick connectivity check (script-friendly).

```bash
nc -zv db.example.com 5432 2>&1 | grep succeeded
```

`nc -l <port> -e /bin/bash` — Bind a shell to a port (for authorized testing only; netcat-traditional or ncat only; not in OpenBSD nc).

```bash
nc -l 4444 -e /bin/bash
```

`nc -l <local-port> | nc <remote-host> <remote-port>` — Simple TCP proxy / relay.

```bash
nc -l 8080 | nc backend.local 3000
```

`echo -n | nc -w 1 <host> <port> && echo 'open' || echo 'closed'` — Quick port check with open/closed output.

```bash
echo -n | nc -w 1 localhost 3306 && echo 'MySQL open' || echo 'MySQL closed'
```

<!-- PROSE:outro -->
## Conclusion

netcat remains indispensable because it needs neither extra dependencies nor elevated privileges: a single `nc` command handles port checks, quick LAN file transfers, and debugging new network services. When you need TLS support, multiple concurrent connections, or proxy features, reach for `socat` as the more capable alternative.

## Further Reading

- [Netcat – Wikipedia](https://en.wikipedia.org/wiki/Netcat) – background and history
- [nc(1) – manual page](https://man.openbsd.org/nc) – every option at a glance
<!-- PROSE:outro:end -->

## Related Commands

- [socat](https://www.jpkc.com/db/en/cheatsheets/networking/socat/) – more powerful socket relay with TLS support
- [nmap](https://www.jpkc.com/db/en/cheatsheets/networking/nmap/) – advanced port and service scanner
- [ss](https://www.jpkc.com/db/en/cheatsheets/networking/ss/) – inspect active socket connections and listening ports