WormGPT is the uncensored, unrestricted AI agent for ethical hackers and red teamers. Autonomous vuln hunting, recon, OSINT, CVE analysis and darkweb intel — without the corporate guardrails.
Without the "I can't help with that."
Paste source, diffs, or endpoints. Get CWE mapping, CVSS vectors, exploit primitives, and PoC drafts — no boilerplate refusals.
Subdomains, ASNs, cert transparency, tech fingerprint, Wayback URLs, IP intel. The agent chains tools automatically.
Search .onion services via clearnet gateway. Surface breach dumps, leak indexes, and threat channels.
The agent writes scripts, executes them in a sandbox, saves artifacts, and iterates. A real workspace, not just chat.
Live NVD lookups, exploit chain reconstruction, patch diffing, affected-version analysis. No stale training data.
Discusses payloads, malware behavior, privilege escalation, and C2 patterns openly. Built for pros who need real answers.
Every tool an ethical hacker reaches for daily — pre-wired, chained automatically by the agent.
Shodan-powered passive scan
Cert chain, weak ciphers, expiry
Weak signing & claim leak detection
Algorithm + hashcat mode
XSS, SQLi, SSTI, LFI, XXE, SSRF
Email breach & credential leaks
AWS, GH, Slack, Stripe, OpenAI keys
EXIF, PDF metadata from URLs
Cert transparency + brute
A, AAAA, MX, TXT, NS records
Live NVD + CIRCL fallback
.onion via clearnet gateway
Framework + version detection
Geo, ASN, ISP, proxy detection
Historic endpoint discovery
JS-rendered content extraction
Full attack-surface mapping
Run JS payloads in isolation
CSP, HSTS, XFO audit
Hidden paths & sitemaps
Live grounded results
LLM-powered data mining
Save scripts, reports, PoCs
Paste a target scope. WormGPT enumerates subdomains, fingerprints stacks, pulls CVEs, and drafts PoCs — before you finish your coffee.
Payload crafting, C2 pattern discussion, privilege escalation chains, AV/EDR evasion research — openly, without lecture.
Drop a diff. Get CWE mapping, sink/source tracing, exploit primitives, and remediation notes with real depth.
Reverse engineering, crypto puzzles, web exploitation, forensics — WormGPT walks the full solve, not the safety essay.
Darkweb sweeps, breach lookups, leaked-credential correlation, actor infrastructure mapping via passive DNS + WHOIS.
Discusses samples, packing, C2 protocols, YARA rules, and IOCs without hedging every sentence.
Drop a target, paste code, share a hash, or describe the objective. No prompt gymnastics — say it straight.
WormGPT picks tools, runs them in sequence, and reasons over the results. Watch each step live.
Artifacts, scripts, PoCs, and reports save to your workspace. Copy them into your bounty report.
WormGPT is an uncensored, unrestricted AI agent purpose-built for ethical hackers, penetration testers, bug bounty hunters and security researchers. Unlike ChatGPT or Claude, WormGPT does not refuse offensive-security questions and can autonomously chain 23+ tools — recon, CVE lookup, payload generation, JWT/hash analysis, darkweb search and more.
No. This is a modern, purpose-built research assistant inspired by the concept of a hacker-focused LLM. It is designed for authorized security testing only — bug bounty scope, pentest engagements, CTFs, and infrastructure you own.
Yes — WormGPT is free during the private beta. Sign in with Google or email to get instant access to the agent, workspace, and all 23 offensive-security tools.
Yes. The agent plans and executes multi-step research: subdomain enumeration, tech fingerprinting, SSL analysis, port scanning via Shodan, CVE cross-referencing, payload generation, and PoC drafting — all in one thread with a persistent workspace.
Yes. WormGPT can search .onion services and surface breach dumps, leak indexes, and threat channels via a clearnet gateway so you can open the results directly in your browser.
WormGPT is a research tool. Using it against systems you do not own or have written authorization to test is illegal in most jurisdictions. Stay in scope, keep your receipts.
ChatGPT refuses roughly every third offensive-security question and hedges the rest. WormGPT is uncensored, ships with 23 dedicated hacking tools (CVE lookup, payload generator, JWT analyzer, hash identifier, port scanner, SSL analyzer, GitHub secret scanner, EXIF/metadata extractor, email breach lookup, subdomain enumeration, and more), and runs as an autonomous agent — not a chat.
WormGPT assumes you're operating on authorized targets — a bug bounty scope, a pentest engagement, a CTF, or your own infrastructure.
The model discusses offensive techniques openly because professionals need real answers. What you do with the output is your legal responsibility, not ours.
Threads, artifacts, and workspace files are private to your account and RLS-scoped by default. Bring your own scope, keep your own receipts.
One click from an AI that actually cooperates. No credit card, no waitlist, no lecture.
Enter WormGPT