Commix – Python-based penetration testing tool

Commix is a Python-based penetration testing tool that automates the detection and exploitation of OS command injection vulnerabilities in web applications.

It focuses on vulnerable parameters and HTTP headers, runs across platforms without requiring compilation, and offers a modular design that can be extended to suit different testing workflows.

This is free and open source software.

Key Features

• Cross-platform tool written in Python that runs without compilation.
• Targets command injection vulnerabilities in vulnerable parameters and HTTP headers.
• Modular architecture that supports custom module development and extension.
• Designed to work with multiple operating systems and applications.
• Compatible with penetration testing tools and frameworks such as Metasploit Framework, Burp Suite, and sqlmap.
• Comes with extensive documentation, usage examples, and project wiki resources.

Website: github.com/commixproject/commix
Support:
Developer: Anastasios Stasinopoulos
License: GNU General Public License v3.0

Commix is written in Python. Learn Python with our recommended free books and free tutorials.

Related Software

Read our verdict in the software roundup.

Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category. This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form.