Inveigh vs NetExec
GitHub Stats
About Inveigh
Inveigh is a .NET/PowerShell tool for network protocol poisoning and relay attacks on Windows networks. It spoofs LLMNR, NBNS, mDNS, DNS, and DHCPv6 responses to capture NTLMv1/v2 hashes from hosts attempting name resolution. Beyond simple hash capture, Inveigh includes an SMB relay module that forwards captured authentication to other hosts for immediate code execution without cracking. The .NET version (InveighZero) runs as a standalone executable without PowerShell dependencies, evading script-based detections. It is the Windows-native alternative to Responder.
About NetExec
NetExec (nxc) is the actively maintained successor to CrackMapExec. It's a network service exploitation tool that supports SMB, LDAP, WinRM, SSH, MSSQL, RDP, and more. NetExec automates credential testing, command execution, and enumeration across network services. It's indispensable for Active Directory pentesting - spray credentials, dump SAM/LSA, execute commands, and enumerate shares across hundreds of hosts in seconds.
Platform Support
Tags
Shared
Inveigh only
NetExec only