Commix (short for **[comm]**and **[i]njection e[x]**ploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos [@ancst], that automates the detection and exploitation of command injection vulnerabilities.


You can download commix on any platform by cloning the official Git repository:

$ git clone commix

If you're using a Linux distribution, then you can install it as a snap:

$ snap install commix

Alternatively, you can download the latest tarball:- or zipball:-


To get a list of all options and switches use:

$ commix -h

To get an overview of commix available options, switches and/or basic ideas on how to use commix, check:-,



Get it from the Snap Store

Search for another snap, or go back to the homepage.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙