AI-powered pentest management for security professionals
Upload scans. Generate findings. Analyze AD attack paths. Produce client-ready reports. Breachwright replaces your spreadsheets, note apps, and report templates with one tool.
Now with Moxie — an offensive security AI assistant included with Professional. No API key required.
Five minutes from scan to report
Upload Scans
Nmap, Nessus, Burp output. Or run tools from the built-in Tool Runner.
AI Analyzes
Findings generated with severity, CVSS scores, and remediation guidance.
Review & Edit
Edit findings, attach evidence, track retest status. Full control.
Generate Report
Professional DOCX with cover page, severity tables, and formatted findings.
Everything a pentester needs
Built by pentesters, for pentesters. Not another vulnerability scanner.
AI Scan Analysis
Upload nmap, Nessus, or Burp output. AI generates findings with severity ratings, CVSS scores, affected hosts, and specific remediation steps.
Active Directory Analysis
Import SharpHound/BloodHound ZIP files. AI identifies attack paths to Domain Admin — Kerberoasting chains, ACL abuse, delegation attacks, and more.
DOCX Reports
Professional pentest reports with cover page, executive summary, severity tables, and detailed findings. Client-ready in one click.
Tool Runner
Execute nmap, subfinder, httpx, nikto, feroxbuster, and gowitness as background jobs. Live output streaming. Results pipe into AI analysis.
Exploitation Chains
AI maps how your findings connect into realistic attack scenarios. Shows target hosts, step-by-step techniques, and chained impact.
AI Assistant
Context-aware chat that pulls your engagement data. Ask "what should I remediate first?" and get answers based on your actual findings.
Plans for every operator
Free to start. Upgrade when you need the full toolkit.
- ✓ Up to 2 engagements
- ✓ 20 findings per engagement
- ✓ Manual finding management
- ✓ Markdown reports
- ✓ AI Assistant (bring your own API key)
- ✓ AI scan analysis
- ✓ DOCX reports
- — Exploitation chains
- — Moxie AI
- — Tool Runner
- — AD analysis
- ✓ Unlimited engagements
- ✓ Up to 5 seats
- ✓ AI scan analysis
- ✓ Moxie AI (no API key needed)
- ✓ Exploitation chains
- ✓ Attack narratives (MITRE ATT&CK)
- ✓ Active Directory analysis
- ✓ DOCX reports
- ✓ Tool Runner (nmap, nikto, etc.)
- ✓ AI Assistant
- ✓ Evidence attachments
- ✓ Export/Import
- ✓ Custom AI prompts
- ✓ Cross-engagement intelligence
- ✓ Methodology gap detection
- ✓ Local model support (Ollama/vLLM)
Stop writing reports from scratch
Download the Community Edition and run your first scan analysis in five minutes.
First-run setup happens in the app — no terminal commands needed.