EN
ENNA

Commix

Vulnerability Scanning · Python

Commix is an automated tool for testing web applications for command injection vulnerabilities. It exploits OS command injection flaws by injecting and executing arbitrary commands on the target system. Written in Python, Commix provides a comprehensive suite of features for detecting and exploiting command injection, making it a valuable tool for penetration testers and security researchers.

5.7kstars
928forks
8issues
Updated 1d ago
View on GitHubOfficial Website

Installation

$ pip install commix

Tags

command-injectionautomatedweb-appbugbountycommixdetectionexploitationopen-sourcepentestingpythontakeovervulnerability-scanner

Details

Category
Vulnerability Scanning
Language
Python
Platforms
🐧linux🍎macos🪟windows

Links

GitHub Repository

github.com/commixproject/commix

Official Website

commixproject.com

Releases

github.com/commixproject/commix/releases

Issues

github.com/commixproject/commix/issues

Sponsored

Your ad here

Reach security professionals and developers — ads@en-na.com

More in Vulnerability Scanning

Nuclei

Go

Fast vulnerability scanner driven by YAML templates. Thousands of community-contributed detection templates.

template-basedcvemisconfig

sqlmap

Python

Automatic SQL injection and database takeover tool. Detects and exploits SQL injection flaws.

sql-injectiondatabaseautomated

WPScan

Ruby

WordPress security scanner. Enumerates plugins, themes, users, and checks for known vulnerabilities.

wordpressplugin-enumcve

OpenVAS

C

Full-featured vulnerability scanner. 50,000+ NVTs, credentialed scanning, compliance checks.

enterprisenvtcompliance

XSStrike

Python

Advanced XSS detection suite. Fuzzing engine, context analysis, and WAF detection/bypass capabilities.

xsswaf-bypassfuzzing

testssl.sh

Shell

Command-line tool for checking TLS/SSL ciphers, protocols, and cryptographic flaws on any port.

tlssslcipher-check