Uncensored · Unrestricted · 23 tools built-in

The AI that thinks like a security researcher.

WormGPT is the uncensored, unrestricted AI agent for ethical hackers and red teamers. Autonomous vuln hunting, recon, OSINT, CVE analysis and darkweb intel — without the corporate guardrails.

23 Tools · 0 Refusals · 50 Steps · 24/7 Online
wormgpt://agent · thread_a91f
find rce on target.corp — scope: bounty
◇ planning · 6 steps
subdomain_enum → 47 hosts
tech_fingerprint → Nginx 1.18, PHP 7.4
cve_search → CVE-2021-41773
payload_gen → path traversal
sandbox_exec → verifying PoC…
Finding
RCE via Apache path traversal → shell as www-data
Trusted by
Bug bounty hunters · Red teamers · Penetration testers · CTF players · SOC analysts · Malware researchers · Threat hunters · Exploit developers
Capabilities

Everything you actually asked ChatGPT for.

Without the "I can't help with that."

Vulnerability hunting

Paste source, diffs, or endpoints. Get CWE mapping, CVSS vectors, exploit primitives, and PoC drafts — no boilerplate refusals.

Recon & OSINT

Subdomains, ASNs, cert transparency, tech fingerprint, Wayback URLs, IP intel. The agent chains tools automatically.

Darkweb intel

Search .onion services via clearnet gateway. Surface breach dumps, leak indexes, and threat channels.

Autonomous tooling

The agent writes scripts, executes them in a sandbox, saves artifacts, and iterates. A real workspace, not just chat.

Live CVE deep-dive

Live NVD lookups, exploit chain reconstruction, patch diffing, affected-version analysis. No stale training data.

Zero guardrails

Discusses payloads, malware behavior, privilege escalation, and C2 patterns openly. Built for pros who need real answers.

Toolset

23 offensive tools. One agent.

Every tool an ethical hacker reaches for daily — pre-wired, chained automatically by the agent.

Port scanner

Shodan-powered passive scan

SSL/TLS analyzer

Cert chain, weak ciphers, expiry

JWT decoder

Weak signing & claim leak detection

Hash identifier

Algorithm + hashcat mode

Payload generator

XSS, SQLi, SSTI, LFI, XXE, SSRF

Breach lookup

Email breach & credential leaks

GitHub secret scanner

AWS, GH, Slack, Stripe, OpenAI keys

Metadata extractor

EXIF, PDF metadata from URLs

Subdomain enum

Cert transparency + brute

DNS lookup

A, AAAA, MX, TXT, NS records

CVE search

Live NVD + CIRCL fallback

Darkweb search

.onion via clearnet gateway

Tech fingerprint

Framework + version detection

IP intel

Geo, ASN, ISP, proxy detection

Wayback URLs

Historic endpoint discovery

Firecrawl scrape

JS-rendered content extraction

Site crawler

Full attack-surface mapping

Sandbox exec

Run JS payloads in isolation

Security headers

CSP, HSTS, XFO audit

Robots.txt recon

Hidden paths & sitemaps

Web search

Live grounded results

Structured extract

LLM-powered data mining

Artifact workspace

Save scripts, reports, PoCs

Use cases

Built for real offensive work.

01

Bug bounty triage

Paste a target scope. WormGPT enumerates subdomains, fingerprints stacks, pulls CVEs, and drafts PoCs — before you finish your coffee.

02

Red team ops

Payload crafting, C2 pattern discussion, privilege escalation chains, AV/EDR evasion research — openly, without lecture.

03

Code review

Drop a diff. Get CWE mapping, sink/source tracing, exploit primitives, and remediation notes with real depth.

04

CTF solving

Reverse engineering, crypto puzzles, web exploitation, forensics — WormGPT walks the full solve, not the safety essay.

05

Threat intel

Darkweb sweeps, breach lookups, leaked-credential correlation, actor infrastructure mapping via passive DNS + WHOIS.

06

Malware analysis

Discusses samples, packing, C2 protocols, YARA rules, and IOCs without hedging every sentence.

Comparison

WormGPT vs generic chatbots.

Feature
WormGPT
ChatGPT
Refuses offensive-security questions
Autonomous tool chaining
Live CVE + NVD lookups
Darkweb (.onion) search
Payload generation on demand
JWT / hash / SSL analysis built-in
GitHub secret scanning
Sandboxed script execution
Persistent research workspace
Corporate compliance filter
How it works

Three steps to a finding.

01

Ask anything

Drop a target, paste code, share a hash, or describe the objective. No prompt gymnastics — say it straight.

02

Agent plans & executes

WormGPT picks tools, runs them in sequence, and reasons over the results. Watch each step live.

03

Ship findings

Artifacts, scripts, PoCs, and reports save to your workspace. Copy them into your bounty report.

FAQ

Questions researchers ask.

What is WormGPT?

WormGPT is an uncensored, unrestricted AI agent purpose-built for ethical hackers, penetration testers, bug bounty hunters and security researchers. Unlike ChatGPT or Claude, WormGPT does not refuse offensive-security questions and can autonomously chain 23+ tools — recon, CVE lookup, payload generation, JWT/hash analysis, darkweb search and more.

Is WormGPT the same as the original WormGPT?

No. This is a modern, purpose-built research assistant inspired by the concept of a hacker-focused LLM. It is designed for authorized security testing only — bug bounty scope, pentest engagements, CTFs, and infrastructure you own.

Is WormGPT free?

Yes — WormGPT is free during the private beta. Sign in with Google or email to get instant access to the agent, workspace, and all 23 offensive-security tools.

Can WormGPT find vulnerabilities autonomously?

Yes. The agent plans and executes multi-step research: subdomain enumeration, tech fingerprinting, SSL analysis, port scanning via Shodan, CVE cross-referencing, payload generation, and PoC drafting — all in one thread with a persistent workspace.

Does WormGPT search the darkweb?

Yes. WormGPT can search .onion services and surface breach dumps, leak indexes, and threat channels via a clearnet gateway so you can open the results directly in your browser.

Is WormGPT legal?

WormGPT is a research tool. Using it against systems you do not own or have written authorization to test is illegal in most jurisdictions. Stay in scope, keep your receipts.

How is WormGPT different from ChatGPT for hacking?

ChatGPT refuses roughly every third offensive-security question and hedges the rest. WormGPT is uncensored, ships with 23 dedicated hacking tools (CVE lookup, payload generator, JWT analyzer, hash identifier, port scanner, SSL analyzer, GitHub secret scanner, EXIF/metadata extractor, email breach lookup, subdomain enumeration, and more), and runs as an autonomous agent — not a chat.

Scope

Uncensored, not lawless.

WormGPT assumes you're operating on authorized targets — a bug bounty scope, a pentest engagement, a CTF, or your own infrastructure.

The model discusses offensive techniques openly because professionals need real answers. What you do with the output is your legal responsibility, not ours.

Threads, artifacts, and workspace files are private to your account and RLS-scoped by default. Bring your own scope, keep your own receipts.

Free during private beta

Stop fighting the model.
Start shipping findings.

One click from an AI that actually cooperates. No credit card, no waitlist, no lecture.
