Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool that automates the detection and exploitation of command injection vulnerabilities. It was written by Anastasios Stasinopoulos (@ancst). To install Commix, you can clone the official Git repository or download the latest tarball or zipball. Python (version 2.6, 2.7 or 3.x) is required for running Commix. For usage, you can refer to the user's manual and issues tracker on GitHub.
FEATURES
SIMILAR TOOLS
High-performant, coroutines-driven, and fully customisable Low & Slow load generator for real-world pentesting with undetectability through Tor.
A tool that visits suspected phishing pages, takes screenshots, and extracts interesting files.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
A collection of Microsoft PowerShell modules for penetration testing purposes.
A fuzzing framework for Android that creates corrupt media files to identify potential vulnerabilities
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
A framework for exploiting Android-based devices and applications
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.