Ralph is a security consultant at BHIS, specializing in developing tools to conduct security assessments at scale.

For the past few years, I’ve envisioned building a web application that truly transforms security testing. In my earlier attempts, tools without a UI always required lengthy manuals—and by the time you finally mastered them, you hardly needed the tool at all. In today’s landscape, more and more applications rely on web interfaces—not because I’m a die-hard web developer, but because a well-crafted interface empowers users to quickly and easily harness the full power of the underlying technology without extensive training. 

When I set out to build Orbit, I knew that the interface had to be intuitive and accessible, but more importantly, the application had to solve a real problem. And here’s the challenge we faced. 

At Black Hills Information Security (BHIS), our Continuous Pentesting Team (CPT, also known as ANTISOC) is dedicated to performing year-round penetration testing for our clients. In our line of work, we must continuously scan customer environments for exploitable vulnerabilities—a process that, in the security industry, falls under the umbrella of Attack Surface Management. While our focus isn’t on full-scale attack surface management, we do need to rapidly identify vulnerabilities that can be exploited before adversaries do. 

When we first evaluated several commercial scanning products, we encountered two major issues: 

1. Incomplete Results: The scan data we received from these tools was often lacking. They missed critical findings that could leave our clients exposed. 

2. Scalability Limitations: The tools weren’t designed for high-volume, scalable scanning. In our tests, as we increased the number of customers, the response times grew significantly slower, which hindered our ability to quickly identify and address potential security issues. 

In our search for a better solution, we discovered Nuclei—a scanning tool that consistently delivered the best scan data. Although we faced initial challenges getting Nuclei to operate at scale (with large scopes causing occasional crashes), we managed to overcome these obstacles. By integrating Nuclei with automation tools like Terraform, Ansible, and modern CI/CD pipelines, we successfully scaled the scanning process. Moreover, because Nuclei is open source, it not only reduced our costs as we grew our customer base but also aligned with our philosophy of transparency and community collaboration. 

After establishing Nuclei automation within our environment, we explored Project Discovery’s cloud product that was designed to run Nuclei at scale. While the cloud interface was polished and offered a promising solution, we quickly identified several concerns: 

Third-Party Involvement: Relying on a cloud service meant that our customer findings would be processed and stored by a third party, which didn’t sit well with us. 

Loss of Control: Even though the offering looked impressive on the surface, we couldn’t shake the worry that we might be missing something crucial. Not knowing exactly how the backend operated left us uneasy. 

Cost and Scalability: Some customers have vast numbers of hosts, and a per-asset pricing model could quickly become cost-prohibitive. At BHIS, our pricing isn’t based on the number of assets, so this model wouldn’t work for our needs. 

These challenges led us to build Orbit: a platform that not only harnesses the power of Nuclei but also provides an intuitive web interface, complete control, and the scalability required for continuous, automated penetration testing. 

What Sets Orbit Apart? 

1. Open Source and Community Driven 

Let’s face it—while some closed-source tools might get the job done, their high deployment costs can put them out of reach. With Orbit, you’re in control. It’s entirely open source and self-hosted, so you can inspect, modify, and even contribute to the code. This means Orbit evolves directly from the feedback and expertise of real security professionals like you. 

2. A Modern, Intuitive Web Interface 

I built Orbit with you in mind. Its interface, crafted with SvelteKit and Tailwind CSS, isn’t just about looking good; it’s designed to make your life easier. You can launch, monitor, and manage scans quickly without wrestling with complicated menus or extensive training. It’s straightforward and user-friendly, so you can focus on what really matters. 

3. Scalability and Performance 

Security assessments come in all sizes—from small networks to large enterprise infrastructures. Orbit is engineered to scale with your needs. By leveraging Nuclei’s template-driven scanning and automating workflows with Terraform and Ansible, Orbit keeps pace with your environment, handling even continuous, high-volume scans without breaking a sweat. 

4. Cloud-Native Flexibility 

Orbit’s architecture is built to thrive in the cloud. You can deploy it across various cloud providers, giving you the flexibility to choose what works best for you. This multi-provider support helps distribute scan workloads efficiently, minimizing bottlenecks and reducing the risk of IP blocking. And stay tuned: our upcoming scan chunking feature will push scan speeds and available IP capacity to the next level. 

5. Advanced Scanning Engine 

At its core, Orbit harnesses the power of the Nuclei scanning engine for rapid and accurate vulnerability assessments. But that’s just the starting point. Orbit is designed with a modular architecture that will eventually support additional scanning engines and techniques, ensuring it can adapt to the evolving security landscape. 

6. Collaboration 

Security isn’t a solo mission, and Orbit is built for teamwork. The platform organizes scan data in a clear, accessible dashboard, making it easy for your team to review findings together. Whether it’s details on discovered services or network configurations, Orbit enables efficient, team-based triage and analysis—because we all know that working together makes us stronger. 

Why Orbit Matters 

Orbit was created to fill a clear need—a security scanning platform that works at scale without hidden complexities or inefficiencies. Many closed-source solutions leave you guessing about what’s happening behind the scenes, often at a prohibitive cost. Orbit gives you full visibility and control over your security process, ensuring that every scan is transparent and effective. 

When you choose Orbit, you’re choosing: 

Complete Control: As a self-hosted solution, Orbit puts you in the driver’s seat. You manage your data and scanning configurations directly, without hidden processes or mysterious algorithms—just straightforward, effective security scanning tailored to your needs. 

Community Empowerment: Built by security professionals for security professionals, Orbit evolves with real-world feedback. Every bug report, contribution, and feature request from our global community helps shape a platform that grows more robust and responsive with every update. 

Scalable Security: Whether you’re running a few scans or orchestrating thousands of assessments, Orbit is engineered to scale with your requirements. Its cloud-native architecture and automation capabilities ensure high performance, no matter how extensive your operations get. 

Getting Started with Orbit 

Setting up Orbit is straightforward. A Quick Start Guide is available on the Orbit website and in the GitHub repository; here is a quick rundown of the setup process:

1. Download the Latest Release: 

Visit the GitHub releases page and download the binary that matches your operating system and architecture (builds are provided for macOS and Linux, including ARM-based systems).

2. Extract and Configure: 

After downloading, extract the archive and make the binary executable:

chmod +x orbit

Then set your API encryption key, a mandatory 32-character value that Orbit uses to secure your data. The value below only illustrates the format; generate a random key of your own rather than reusing it:

export API_ENCRYPTION_KEY=12345678901234567890123456789012

3. Launch Orbit: 

Start the Orbit server by executing: 

./orbit serve 

Access the web interface by navigating to http://localhost:8090 in your browser. 

4. Explore and Configure: 

Use the intuitive dashboard to set up new scans, monitor ongoing assessments, and review historical results. Detailed documentation is available at https://orbitscanner.io to guide you through every step, from initial configuration to advanced integrations. 
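As an added example that is not part of the original post or of the Orbit project, the following POSIX shell script wraps steps 2 and 3 above: it generates a random key instead of reusing the placeholder from the docs, checks that the key is exactly 32 characters and is not the placeholder, then starts the server. The only requirement the quick start states is the 32-character length; the alphanumeric character set, the /dev/urandom source, the ORBIT_BIN variable and the "run" argument are this script's own assumptions.

```shell
#!/bin/sh
# Added example, not Orbit's own code: generate and validate the
# API_ENCRYPTION_KEY that "./orbit serve" requires, then launch the server.
# The only documented requirement is that the key is exactly 32 characters;
# the alphanumeric character set, the /dev/urandom source and the ORBIT_BIN
# variable below are assumptions made by this script.

# The key shown in the quick start. It is a placeholder, never a real key.
PLACEHOLDER_KEY="12345678901234567890123456789012"

# Print a random 32-character alphanumeric key drawn from the kernel CSPRNG.
gen_key() {
    LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 32
}

# Return 0 if the key is exactly 32 characters and is not the placeholder;
# otherwise print the reason on stderr and return 1.
validate_key() {
    key="$1"
    if [ "${#key}" -ne 32 ]; then
        echo "API_ENCRYPTION_KEY must be exactly 32 characters, got ${#key}" >&2
        return 1
    fi
    if [ "$key" = "$PLACEHOLDER_KEY" ]; then
        echo "API_ENCRYPTION_KEY is the documentation placeholder; generate your own" >&2
        return 1
    fi
    return 0
}

# Steps 2 and 3 of the quick start: make the binary executable, export a
# validated key (reusing one already in the environment if present), start.
main() {
    bin="${ORBIT_BIN:-./orbit}"            # assumed location of the extracted binary
    chmod +x "$bin"
    key="${API_ENCRYPTION_KEY:-$(gen_key)}"
    validate_key "$key" || exit 1
    API_ENCRYPTION_KEY="$key" exec "$bin" serve   # then browse to http://localhost:8090
}

# Only launch when invoked as "sh orbit-up.sh run"; otherwise just define the
# functions so the file can be sourced or tested.
if [ "${1:-}" = "run" ]; then
    main
fi
```

Save it as orbit-up.sh next to the extracted binary and run `sh orbit-up.sh run`; without the `run` argument it only defines the functions. If API_ENCRYPTION_KEY is already exported, the script keeps it but still refuses the placeholder value and any key that is not 32 characters. The quick start reaches the interface over plain HTTP at localhost:8090, so keep it bound to the local machine, or front it with a TLS-terminating reverse proxy before sharing it with a team.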

The Future is Open 

At BHIS, we believe that we are better together than apart. Orbit is a testament to that commitment—a tool built not only to simplify security scanning but also to foster collaboration among teams. With its intuitive interface and streamlined workflows, Orbit empowers security professionals to quickly assess vulnerabilities and work together to secure every environment they touch. 

Looking ahead, we’re excited about the enhancements coming to Orbit. Here’s a glimpse of what’s on the horizon: 

Snapshot-Based Deployments: Soon you’ll be able to launch pre-configured instances that cut startup times drastically, so you can go from zero to scanning in minutes. 

Distributed Scan Chunking: We’re planning to break large scans into manageable chunks, dramatically increasing scan speed and expanding the number of IP addresses that can be used simultaneously. 

Expanded Cloud Support: While Orbit already supports multiple cloud providers, upcoming enhancements will include integrations with additional providers like Azure, plus advanced features such as static IP configuration to give you even more control over your scanning environment. 

Advanced Integrations: Future updates may also bring new scanning engines and possibly self-hosted LLM-powered analysis, ensuring Orbit evolves to meet emerging security challenges and delivers actionable insights. 

We’re not just building a tool—we’re creating a platform that grows with your needs. As we continue to use Orbit internally at BHIS, we remain committed to ongoing development and innovation. This isn’t a one-hit wonder; it’s the start of something that will continue to evolve alongside the rapidly changing threat landscape. 

Explore Orbit through our documentation and community channels, and join us in our shared mission to secure environments everywhere. Welcome to Orbit—where collaboration drives innovation and, together, we create stronger, safer networks. 

Want to learn more from Ralph? Check out his class below!

HackerOps

Available on-demand!
