NetExec (nxc) is a powerful network service exploitation tool designed to streamline security assessments, particularly in large network environments. It automates various tasks, from vulnerability scanning to credential dumping, making it an invaluable asset for red teams and penetration testers.
Key features include:
- Protocol Support: SMB, LDAP, WINRM, MSSQL, SSH, FTP, RDP, WMI, and NFS.
- Enumeration Capabilities: Host enumeration, user enumeration, share enumeration, and more.
- Credential Harvesting: SAM, LSA, NTDS.dit, LSASS dumping, and credential dumping from various applications (Veeam, WinSCP, etc.).
- Command Execution: Remote command execution via multiple protocols.
- Vulnerability Scanning: SMB vulnerability scanning.
- Password Spraying: Password spraying attacks across multiple protocols.
- BloodHound Integration: Seamless integration with BloodHound for Active Directory attack path analysis.
NetExec is designed for penetration testers, red teamers, and security auditors who need to efficiently assess the security posture of networks.