commix

Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos [@ancst], that automates the detection and exploitation of command injection vulnerabilities.

Installation

You can download commix on any platform by cloning the official Git repository:

$ git clone https://github.com/commixproject/commix.git commix

If you're using a Linux distribution, then you can install it as a snap:

$ snap install commix

Alternatively, you can download the latest tarball:- https://github.com/commixproject/commix/tarball/master or zipball:- https://github.com/commixproject/commix/zipball/master

Usage

To get a list of all options and switches use:

$ commix -h

To get an overview of commix available options, switches and/or basic ideas on how to use commix, check:- https://github.com/commixproject/commix/wiki/Usage,

• Usage examples:- https://github.com/commixproject/commix/wiki/Usage-Examples
• Filter bypasses:- https://github.com/commixproject/commix/wiki/Filters-Bypasses

Links

• Github Repo:- https://github.com/commixproject/commix
• User's manual:- https://github.com/commixproject/commix/wiki
• Issues tracker:- https://github.com/commixproject/commix/issues