# NetExec - `nxc` = `netexec` . It is just the shortened command name for convenience - netexec can also be used for other protocols such as SMB, LDAP, MSSQL and others. Installing NetExec ```bash sudo apt-get -y install netexec ``` help ```bash netexec -h nxc -h # protocol-specific help netexec smb -h nxc smb -h ``` Usage ```bash nxc winrm <IP> -u <user_wordlist> -p <password_wordlist> nxc smb <IP> -u users.txt -p 'password123' --continue-on-success nxc smb <IP> -u "user" -p "password" --shares nxc smb <IP> --local-auth -u <username> -p <password> --lsa nxc smb <IP> -u <user or userlist> -p <pw or pwlist> -k # keep going nxc smb <IP> -u guest -p '' --rid-brute nxc smb <IP> -u guest -p '' --rid-brute | grep sidTypeUser # ADCS nxc ldap $IP -u <user> -p <password> -M adcs ```