pwnat vs Socat
About pwnat
pwnat (pronounced 'poe-nat') enables connections between two hosts that are both behind separate NATs, without requiring either side to configure port forwarding. It exploits a quirk in how NAT implementations handle ICMP time-exceeded messages to establish bidirectional communication channels. One side runs as a server and the other as a client; the tool handles NAT traversal automatically. This makes it useful for penetration testing scenarios where direct connectivity is blocked by network address translation, enabling reverse shells and tunnel establishment through otherwise impassable network boundaries.
About Socat
Socat (SOcket CAT) is a command-line utility that establishes two bidirectional byte streams and transfers data between them. It's like an extended version of netcat with support for SSL, IPv6, SOCKS4 proxying, and dozens of address types. Socat can create virtual serial connections, tunnel traffic through SSL, act as a simple TCP forwarder, and much more. It's a sysadmin essential that doubles as a powerful offensive tool for port forwarding, bind/reverse shells, and encrypted tunnels.