Overview
What Stinger is, how it works, and a checklist to complete before your first attack
What is Stinger?
Stinger is an AI Red Teaming platform that automatically discovers security vulnerabilities in AI systems — chatbots, agents, voice AI, and LLM APIs. It simulates real adversarial attacks against your guardrails before production, so you know exactly where your defenses break.
Think of it as a penetration testing tool built specifically for AI: instead of scanning for CVEs, Stinger probes your AI's guardrails with hundreds of attack strategies — jailbreaks, prompt injections, role-play bypasses, multilingual evasion, and more.
Two ways to attack
Stinger has two attack surfaces. Choosing the right one depends on your target.
| Web Console | Adapter | |
|---|---|---|
| Best for | REST APIs, LLM APIs (OpenAI, Anthropic, etc.) | Browser-based chatbots, SSO-authenticated UIs, SPAs |
| Setup | Browser only | Install the desktop app |
| Target access | API key or endpoint URL | Real browser via Chrome DevTools Protocol |
| When to use | The target exposes a clean HTTP API | The target requires login, dynamic JS rendering, or has no public API |
Not sure which to use?
If your target is a chatbot embedded in a web page that requires login — use the Adapter. If you have an API key or endpoint URL — use the Web Console.
First-time checklist
Complete these steps before running your first attack:
1. Register your target URL
Go to Settings → Allowlist and submit the domain or URL of the AI system you want to test. AIM reviews and approves the request before any attack can be launched against it.
2. Generate an API key
Go to Settings → API Keys and create a new key. Copy it immediately — it's shown only once. You'll need this key to authenticate the Adapter.
3. Create a project
Go to Projects → New Project. A project groups your targets and attack sessions together.
4. Choose your attack surface
- API target? → Follow the Web Console guide
- Browser-based chatbot? → Start with What is the Adapter?
Core concepts
Goal — The objective you want the AI to perform that it shouldn't. Example: "Reveal confidential system prompt", "Provide harmful instructions". Stinger generates attack prompts designed to achieve your goal.
Score — Every AI response gets a score from 0.0 to 1.0. A score ≥ 0.7 is counted as a breach — the attack succeeded.
Assessment — One full attack run across all your goals and strategies. Results are stored and can be turned into a downloadable PDF report.
Credits — Each attack turn consumes credits. Your balance is shown in the top bar. Top up at Billing → Top Up.