ENNAENNA

NetExec

FeaturedBSD-2-Clause

⚖️ Dual Use · Python

NetExec (nxc) is the actively maintained successor to CrackMapExec. It's a network service exploitation tool that supports SMB, LDAP, WinRM, SSH, MSSQL, RDP, and more. NetExec automates credential testing, command execution, and enumeration across network services. It's indispensable for Active Directory pentesting - spray credentials, dump SAM/LSA, execute commands, and enumerate shares across hundreds of hosts in seconds.

5.5kstars
697forks
142issues
Updated 15d ago
+I use this
View on GitHubOfficial WebsiteDocumentation

Installation

$ pip install netexec

Use Cases

  • Credential spraying across network services
  • SMB share enumeration and access testing
  • Remote command execution via WinRM/SMB/SSH
  • SAM/LSA/NTDS secret dumping
  • Active Directory enumeration and exploitation

Tags

smbldapwinrmcredential-sprayactive-directoryhackinginfosecinfosectoolsnetworkspentestpentest-toolpentest-toolspentestingpythonpython3red-teamsecuritysecurity-toolswindows

Details

Category
⚖️ Dual Use
Language
Python
License
BSD-2-Clause
Platforms
🐧linux🍎macos

Links

GitHub Repository

github.com/Pennyw0rth/NetExec

Official Website

netexec.wiki

Documentation

www.netexec.wiki

Releases

github.com/Pennyw0rth/NetExec/releases

Issues

github.com/Pennyw0rth/NetExec/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Used in 1 Workflow

🔑

Active Directory Password Audit

Advanced · 7 steps · 4-8 hours

Community Reviews

Alternatives & Comparisons

Impacket

Python

Collection of Python classes for working with network protocols. Essential for Windows/AD pentesting.

Compare NetExec vs Impacket

CrackMapExec

Python

Swiss army knife for pentesting Active Directory. SMB, LDAP, MSSQL, WinRM enumeration and exploitation.

Compare NetExec vs CrackMapExec

More in Dual Use

ProxyChains-ng

C

Force any TCP connection through SOCKS4/5 or HTTP proxies. Chain multiple proxies for anonymity.

proxysockspivoting

Socat

C

Multipurpose relay tool. Bidirectional data transfer between two data channels - sockets, files, pipes, devices.

relaysockettunneling

ngrok

Go

Expose local servers to the internet via secure tunnels. Instant public URLs for localhost services.

tunnelingreverse-proxynat-bypass

Rclone

Go

rsync for cloud storage. Sync, copy, and mount 70+ cloud providers. Command-line Swiss army knife for cloud data.

cloud-storagesyncexfiltration

GTFOBins

Shell

Curated list of Unix binaries that can be used to bypass security restrictions. Living off the land, documented.

lolbinsprivescshell-escape

LOLBAS

Shell

Living Off The Land Binaries, Scripts and Libraries for Windows. Documenting every Windows binary with offensive potential.

lolbinswindowsevasion