Skip to main content
Donate to the Python Software Foundation or Purchase a PyCharm License to Benefit the PSF! Donate Now

Is an Automated Commando Line Tool for pentesting and other fun stuff

Project description


Build Status Python 3.6-3.7 MIT License PyPI version

General Information

Commi3 (short for [c]ryptoanalytic [o]ffensive [m]ultifunctional [m]icrostructure [i]njection [3] generation 3) is an Automated Commando Line Tool (ACLT) that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP/HTTPS header.

Legal Disclaimer

With each commi3 run end users are obligated to agree with the following prelude message:

(!) Legal disclaimer: Usage of Commi3 for attacking targets without prior mutual consent is illegal. 
It is the end user's responsibility to obey all applicable local, state and federal laws. 
Developers assume no liability and are not responsible for any misuse or damage caused by this program.


Python version 3.6.x or 3.7.x is required for running this program.


Download commi3 by cloning the Git repository:

git clone commi3

Commi3 comes packaged on the official repositories of the following Linux distributions, so you can use the package manager to install it!

Commi3 also comes as a plugin, on the following penetration testing frameworks:

Supported Platforms

  • Linux
  • Mac OS X
  • Windows


To get a list of all options and switches use:

python -h & python3 -h

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
Commi3-1.0.7-py2.py3-none-any.whl (14.7 kB) Copy SHA256 hash SHA256 Wheel py2.py3
Commi3-1.0.7.tar.gz (3.5 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page