explaingit

pennyw0rth/netexec

5,511PythonAudience · ops devopsComplexity · 4/5Setup · moderate

TLDR

NetExec is a Python tool for authorized penetration testers to assess Windows networks and Active Directory environments, testing credentials, enumerating users and systems, and identifying common misconfigurations.

Mindmap

mindmap
  root((NetExec))
    What it does
      Tests credentials
      Enumerates AD
      Finds weaknesses
    Targets
      Windows networks
      Active Directory
      SMB shares
    Use Cases
      Penetration testing
      Red team assessments
      AD security checks
    Tech Stack
      Python
      Linux
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Test whether a set of credentials grants access to systems in an Active Directory network during an authorized assessment.

USE CASE 2

Enumerate users, shares, and services across a Windows network from Linux during a penetration test.

USE CASE 3

Check for common Active Directory misconfigurations across a domain in an authorized security engagement.

USE CASE 4

Continue the CrackMapExec workflow with full community visibility since everything is in one public repository.

Tech stack

PythonLinux

Getting it running

Difficulty · moderate Time to first run · 30min

Requires Python 3.10 or newer, install with pipx on Linux. Only use against networks you have explicit written permission to test.

In plain English

NetExec (also called nxc) is a Python tool used by penetration testers to assess and interact with Windows networks and Active Directory environments. Active Directory is Microsoft's system for managing users, computers, and permissions across a corporate network, and it is a common target during authorized security assessments because misconfigurations there can give an attacker broad access. Tools like NetExec let testers check what access a given set of credentials has, enumerate users and systems, and test for common weaknesses. The project started in 2015 under the name CrackMapExec, built by a developer known as byt3bl33d3r. A later maintainer took it over in 2019 and added significant features before stepping back in September 2023. Rather than let the project stall, the most active contributors decided to continue it as a fully open-source community effort under the new name NetExec. The rename also addressed a practical problem: the original project was split between a private and a public repository, creating a six-to-eight-month gap between what maintainers were working on and what the public could access. With NetExec, everything lives in one public repository, making community contributions straightforward. NetExec is installed on Linux using pipx, a tool that installs Python applications in isolated environments. It requires Python 3.10 or newer. The project has a wiki for documentation and usage examples, along with a Discord server for community support. The README is brief and points to the wiki for detailed instructions. This is a tool intended for authorized security testing. Using it against networks or systems you do not have explicit permission to assess is illegal.

Copy-paste prompts

Prompt 1
Show me how to use NetExec to test SMB credentials against a range of IP addresses on an authorized target network.
Prompt 2
How do I use nxc to enumerate Active Directory users and groups during a penetration test?
Prompt 3
Help me install NetExec on Ubuntu using pipx and run a basic connectivity check against a Windows host I have permission to test.
Prompt 4
What are the most useful NetExec modules for finding privilege escalation paths in a Windows Active Directory environment?
Open on GitHub → Explain another repo

← pennyw0rth on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.