Commix (abbreviation for [comm] and [ i ] njection e [x] ploiter) is an automated tool written by Anastasios Stasinopoulos ( @ancst ), which can be used by web developers, penetration testers or even security researchers to test web applications for errors or vulnerabilities related to attacks command injection.
Using this tool, it is very easy to find and exploit a command injection vulnerability in a specific vulnerable parameter or HTTP header.
Conditions
Version required Python 2.6 , 2.7 ή 3.x to run this program.
Installation
We download commix from the Git repository:
git clone https://github.com/commixproject/commix.git commix |
Commix already exists in official repositories of the following Linux distributions so that you can use it package manager for to install it!
Commix is coming too as an additive , in the following penetration testing frameworks:
- TrustedSec's Penetration Testers Framework (PTF)
- OWASP Offensive Web Testing Framework (OWTF)
- CTF-Tools
- PentestBox
- PenBox
- Katoolin
- Aptive's Penetration Testing tools
- Homebrew Tap - Pen Test Tools
- fsociety Hacking Tools Pack - A Penetration Testing Framework
Supported platforms
- Linux
- Mac OS X
- Windows (experimental)
Use
To display all available program options, type the following command:
python commix.py -h |
Application snapshots
Read them Technology News from all over the world, with the validity of iGuRu.gr
Follow us on Google News
Microsoft has removed the ability to postpone updates to Windows 10 2004
»
Comment Policy:
IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators