v1 · self-hostable

The pentest IDE that stays in the loop.

Autopilot agents start a scan and disappear for four hours. lecram lets you pause, inject a hint, or redirect the AI mid-step. Findings ship as Issues, not flat run rows. Container-per-tool isolation. Bring your own key.

62 dockerized tools · 7 built-in starter graphs · 0 telemetry · BYO key · 9 operator themes

What it is

Three things make it different.

Most "AI pentest" products start a scan and walk away. lecram is built for the operator who stays in the loop and treats the AI like a teammate.

Operator drives. AI co-pilots.

Pause at any planner step. Inject a hint, redirect the loop, or reject a candidate. The AI's reasoning trace renders inline with the run, never in a separate panel you forget exists.

One Issue. Not seven panels.

Findings, evidence, knowledge, methodology, one substrate. Stop juggling Burp, Notion, and a screenshot folder.

Container-per-tool isolation.

Every tool runs in its own image. scope_guard refuses out-of-scope targets before the container even starts.
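What a pre-start scope check and egress fence look like in practice, as an added example that is not lecram's code: a hypothetical `scope_guard` that resolves each target, refuses anything blacklisted by name or address before anything in the allowlist is consulted, pins the resolved IP, and emits the iptables rules that confine the tool container to exactly those addresses. The `Scope` fields, `FAKE_DNS` table, hostnames and CIDRs are all constructed for the example; the iptables invocations are standard.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Scope:
    """Engagement scope and RoE exclusions (hypothetical structure)."""
    allowed_cidrs: tuple = ()     # e.g. ("10.20.0.0/24",)
    allowed_hosts: tuple = ()     # exact names or "*.example.com" wildcards
    blacklist_cidrs: tuple = ()   # refused even when inside an allowed CIDR
    blacklist_hosts: tuple = ()


# Constructed resolver table so the example runs offline. A real guard resolves
# DNS itself and pins the answer, handing the tool an address rather than a name.
FAKE_DNS = {
    "app.example.com": "10.20.0.15",
    "admin.example.com": "10.20.0.99",
    "cdn.example.com": "203.0.113.7",
}


def host_matches(host, pattern):
    """Exact match, or wildcard match: "*.example.com" matches subdomains of
    example.com but not example.com itself."""
    if pattern.startswith("*."):
        return host.endswith(pattern[1:]) and host != pattern[2:]
    return host == pattern


def check_target(target, scope, resolve=FAKE_DNS.get):
    """Return (allowed, reason, pinned_ip). The blacklist is evaluated first so a
    RoE exclusion wins over any allow rule it overlaps."""
    target = target.strip().lower().rstrip(".")
    try:
        ip, host = ipaddress.ip_address(target), None
    except ValueError:
        host = target
        answer = resolve(host)
        if answer is None:
            return False, f"{host}: does not resolve", None
        ip = ipaddress.ip_address(answer)
    if host and any(host_matches(host, p) for p in scope.blacklist_hosts):
        return False, f"{host}: blacklisted by name", None
    for cidr in scope.blacklist_cidrs:
        if ip in ipaddress.ip_network(cidr, strict=False):
            return False, f"{target}: {ip} is in blacklisted range {cidr}", None
    in_cidr = any(ip in ipaddress.ip_network(c, strict=False) for c in scope.allowed_cidrs)
    by_name = bool(host) and any(host_matches(host, p) for p in scope.allowed_hosts)
    if in_cidr or by_name:
        return True, f"{target}: in scope as {ip}", ip
    return False, f"{target}: {ip} is outside every allowed range", None


def egress_rules(pinned_ips):
    """iptables rules for the tool container's network namespace: default-deny
    outbound, allow replies, allow only the pinned addresses, log the rest.
    Pinning the resolved address means a DNS change mid-run cannot steer the tool
    at something the operator never approved. IPv4 shown; IPv6 targets would need
    the same rules through ip6tables."""
    rules = [
        "iptables -P OUTPUT DROP",
        "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
    ]
    for ip in sorted(set(pinned_ips), key=str):
        rules.append(f"iptables -A OUTPUT -d {ip}/{ip.max_prefixlen} -j ACCEPT")
    rules.append('iptables -A OUTPUT -j LOG --log-prefix "scope_guard drop: "')
    return rules


def fence_for_run(targets, scope):
    """Fail closed: if any target is out of scope, no container is started.
    Returns (rules_or_None, refusals)."""
    pinned, refusals = [], []
    for t in targets:
        ok, reason, ip = check_target(t, scope)
        if ok:
            pinned.append(ip)
        else:
            refusals.append(reason)
    return (egress_rules(pinned) if not refusals else None), refusals


# Constructed engagement: one /24 in scope, a production DB subnet and an admin
# host excluded by the RoE.
ENGAGEMENT = Scope(
    allowed_cidrs=("10.20.0.0/24",),
    allowed_hosts=("app.example.com",),
    blacklist_cidrs=("10.20.0.64/26",),
    blacklist_hosts=("admin.example.com",),
)

if __name__ == "__main__":
    rules, _ = fence_for_run(["app.example.com", "10.20.0.200"], ENGAGEMENT)
    print("\n".join(rules))
    _, refusals = fence_for_run(["app.example.com", "cdn.example.com", "admin.example.com"], ENGAGEMENT)
    print("\n".join(refusals))
```

The order matters: a host that is allowed by name but resolves into a blacklisted range is still refused, and a host that resolves outside every allowed range is refused even if the name looks familiar (cdn.example.com above). The rules are applied inside the container's network namespace before the tool process starts, which is the property the page claims for scope_guard.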

Knowledge that actually fires.

HackTricks, OWASP WSTG, Trail of Bits AppSec preloaded into a sidebar. Cross-engagement memory: the planner remembers what got promoted last time.

The product

Real screens from a live engagement.

Not stock mockups. Four scenes from the actual surface.

  1. Engagements as first-class objects. Scope, RoE, and blacklist are enforced before any container starts.
  2. Every run, fully replayable: live console, planner candidates, knowledge sidebar, pause and inject.
  3. Plan-as-DAG. The operator drives; 31 dockerized tools as a node palette, starter graphs included.
  4. Findings ship as Issues, ranked by reachability: a proven path beats a theoretical CVSS score.

The lane

Where it sits in the market.

XBOW, NodeZero, and Pentera ship autopilot: the operator hands off, and the scan returns four hours later. Burp Pro is operator-only with no AI. PlexTrac and AttackForge are reporting layers; they don't run scans. lecram is the only product where an operator can drive a real engagement against a real customer's app, with real test accounts, and have the AI learn what works.

vs autopilot: Operator stays in the loop. Pause, inject, redirect at every step. (steerable)
vs operator-only: Reasoning trace, planner, knowledge. Co-pilot grade, not a manual proxy. (AI-augmented)
vs reporting-only: Runs the scans, drives the tools, ships the findings end-to-end. (integrated)

Capabilities

Real surface, not a manifesto.

A non-exhaustive view of what's already shipping in v1.

31 dockerized tools (httpx, nuclei, sqlmap, burp, kali…)
Knowledge corpus: HackTricks, OWASP WSTG, Trail of Bits AppSec
Engagement-canonical Issue object
Mid-loop reasoning trace, pause, inject hint
scope_guard with iptables egress fence
Per-engagement WireGuard / OpenVPN / Tailscale sidecar with killswitch
Authenticated session profiles plus 5 authz probes
Cross-engagement agent memory
Output-chained planner that learns from approve / reject
Bulk-approve cheatsheet and methodology candidates
Knowledge-aware run sidebar plus chat MCP
EXIF probe, payload embed
9 themes (dark, light, retro, amber, high contrast, print, space, robotic, geeky)
Cmd-K palette, keyboard-first navigation

Pricing

Three tiers. Self-host first.

Free is the operator's tier: fully featured, single-engagement, BYO API key. Team and Enterprise unlock seats, integrations, and SSO. Prices will be published after v1.1.

Free

$0

Self-host. The operator's tier.

  • 1 engagement
  • 1 user
  • BYO model key (major providers or self-hosted)
  • All operator features
  • Community support

Enterprise

Custom

For internal red teams and security orgs.

  • Unlimited engagements + seats
  • Slack / Linear / Jira integrations
  • Share-links + SSO (SAML / OIDC)
  • SLA + onboarding
  • Audit log export