Need help with commix?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

2.6K Stars 596 Forks Other 1.6K Commits 7 Opened issues


Automated All-in-One OS Command Injection Exploitation Tool

Services available


Need anything else?

Contributors list


Build Status Python 2.6|2.7|3.x GPLv3 License GitHub closed issues Twitter

Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos (@ancst), that automates the detection and exploitation of command injection vulnerabilities.




You can download commix on any platform by cloning the official Git repository :

$ git clone commix

Note: *Python** (version 2.6, 2.7 or 3.x) is required for running commix.*


To get a list of all options and switches use:

$ python -h

To get an overview of commix available options, switches and/or basic ideas on how to use commix, check usage, usage examples and filters bypasses wiki pages.


  • User's manual:
  • Issues tracker:


We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.