Discover your true attack surface

Phobos Orbital is designed to illustrate where real attackers would attack, and why. Orbital will discover Attack Pathways which make quick work of exposed risk surfaces, indicating the most lucrative entrypoints available for exploitation.

How it works

Plain English reporting

No CVE references, no DREAD, no STRIDE, no att&ck framework - plain english. Instantly actionable, plain-english reports you can share with anyone. The days of 600 page reports consisting of the same copypasted "ping is a medium finding" and "here's how to fix XSS and SQLI" are over.

Technology Breakdown

Identify the Tech Stack of a given organization. Often just looking at the technology used telegraphs quite a lot to attackers, especially in 2020, where multiple security appliance providers have had multiple RCE problems in the last calendar year.

Details for specific hosts with discovered issues

Get an idea of what a given host is responsible for. Internal IP? Dev and Staging language in it's name? Probably a soft target, probably not hardened. Attackers look for easy ways in, and this is how they do it.


Discovers additional domains and organizations related to target organization

Discover what other domain names and organizations are adjacent to your inquiry! Orbital can show you how organizations can overlap at the technology level, giving way for attackers to have multiple avenues of attack.

Favorable & unfavorable technology

Identify what attackers see as "juicy targets", ranging from publicly accessible assets, to information leaks, to appliances and software with known issues, as well as combining findings for attacker success.


The screenshot gallery makes it fast and easy to visually identify problems quickly.

Internal and external hosts

Orbital can discover internal assets using only publicly available data. See where your environment exposes whats "behind the curtain", and how attackers can use these findings to gather intel to do target selection and acquisition without stepping foot in the LAN.

Open port discovery

Sometimes equipment misbehaves. Sometimes attackers setup backdoors. Whatever the reason, it's important to know what ports your organization is exposing to the internet.

Leaked credentials

These are a gold mine for attackers, and knowing what credentials are exposed can help immediately identify possible ingress opportunities for attackers.

Executive report

One page. Plain english.

Exhaustive findings

Good things come to those who wait! Orbital's sweeps are exhaustive, and often turn up findings noone was aware existed previously.