Relationship Graph

Relationship Graph
related to related to child of child of duplicate of duplicate of

View Issue Details

IDProjectCategoryView StatusLast Update
0002258Kali LinuxNew Tool Requestspublic2015-07-29 12:28
Reportergeospin Assigned To 
Status closedResolutionduplicate 
Summary0002258: Command injection and exploitation tool (commix)

Commix is a great command injection tool which successfully exploits many vulnerable applications such as DVWA, bWAPP, ShelLOL, Persistence, Kioptrix(2014), w3af-moth etc

Has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks.

By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or string. Commix is written in Python programming language.

Download Page:

Demo Video: Exploiting bWAPP command injection flaws (normal & blind) via commix. ( )


duplicate of 0002201 resolvedsbrun commix - command injection and exploitation tool 




2015-06-19 10:39

administrator   ~0003420




2015-07-07 06:15

reporter   ~0003476

In the latest updates of commix, had been added support for 'shellshock' and cookie-based injections. It seems like the swiss army knife of command injections.

Issue History

Date Modified Username Field Change
2015-05-05 17:11 geospin New Issue
2015-06-19 10:39 g0tmi1k Note Added: 0003420
2015-06-19 10:39 g0tmi1k Relationship added duplicate of 0002201
2015-07-07 06:15 geospin Note Added: 0003476
2015-07-29 12:28 g0tmi1k Status new => closed
2015-07-29 12:28 g0tmi1k Resolution open => duplicate