Commix-testbed is a collection of real-world scenarios, vulnerable to command injection flaws, used to evaluate the detection and exploitation abilities of commix:
- Regular injection scenarios.
- Cookie injection scenarios.
- User-Agent injection scenarios.
- Referer injection scenarios.
- Weak filters scenarios. (Hints)
Download commix-testbed by cloning the official Git repository:
git clone https://github.com/commixproject/commix-testbed.git commix-testbed
... or use the dockerized version of commix-testbed.
For bug reports or enhancements regarding commix tesbed, please open an issue.