I used to use Netcat and now more and more Cryptcat. My understanding was Netcat6 was written to work with IP6 which is fine for places like Japan, but not really encountered here yet. To me Netcat is still a very useful utility depending on the level of security you encounter. If you are lucky enough to find a box that is vulnerable to that old dcom exploit and you want to use the exploit that was ported for windows, you have to use Netcat.  In my experience, if you can achieve root, then netcat is still a viable option.  I would say I am not ready to dispose of it yet, but Cryptcat is every bit as useful as netcat, with the added bonus of encryption thrown in.

  After I made that post something came to mind. It might not be a bad idea when we are reviewing a tool to qualify the use of it so we are all on the same page. For instance, do we like it as a network management tool, pen testing tool, or a hacking tool. I see each one a little different. Hacking tools usually need to be stealth where as pen testing or management tools don’t always have to be.

   A lot of the pen testing I do doesn’t always have to be stealth, however if I were trying to breach Norad, being stealth would be highly advised!  Netcat is a great utility but some hackers will laugh at you for using it saying “you look down on Telnet sending everything in clear text but then you use Netcat. At least use Cryptcat!”  While that’s true, I still love that little simple utility.  One thing I like to do is add a batch file so it will start up on the compromised machine at boot up and go into listening mode.