commix v3.0 releases: Automated All-in-One OS command injection and exploitation tool
Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP header.
- Fixed: Multiple bug-fixes regarding several reported unhandled exceptions.
- Revised: Improvement regarding identifying the indicated web-page charset.
- Added: Support for Python 3.x
- Updated: Beautiful Soup (third party) module has been updated.
- Added: Six (third party) module has been added.
- Revised: Improvement regarding parsing nested JSON objects that contain boolean values.
- Replaced: The
--ignore-401option has been replaced with
- Added: New option (
--ignore-code) for ignoring (problematic) HTTP error code (e.g. 401).
git clone https://github.com/commixproject/commix.git commix
Copyright (c) 2014-2018 Anastasios Stasinopoulos