General FAQ

Frequently asked questions about the Hive platform and APHIDS CLI.

Getting Started

What is Hive?

Hive is an enterprise-grade Attack Surface Management (ASM) and penetration testing platform. It helps security professionals discover, analyze, and secure their digital attack surface through automated scanning, intelligent analysis, and comprehensive reporting.

Key Features: - Automated asset discovery - Security testing automation - Vulnerability management - Team collaboration - Professional reporting

What is APHIDS CLI?

APHIDS (Automated Penetration and Hacking Intrusion Detection System) CLI is a Docker-based command-line tool for automated security testing. It integrates with the Hive platform or can run standalone.

Key Features: - 30+ security testing modules - Docker-based isolation - Online/offline modes - Flexible configuration - CI/CD integration

Do I need both Hive and APHIDS CLI?

No, you can use either independently:

• Hive Only: Use the web interface for all operations
• APHIDS Only: Run CLI in offline mode with local configuration
• Both Together: Best experience with full integration

Most users start with Hive and add APHIDS CLI for automation and CI/CD integration.

How much does Hive cost?

Visit www.darksidesecurity.io for current pricing and plans.

Is there a free trial?

Yes! A 14-day free trial is available with full platform access. Visit www.darksidesecurity.io to sign up.

Legal & Authorization

Is it legal to use Hive for security testing?

Yes, but only with proper authorization. You must have:

✅ Written permission from the asset owner
✅ Clearly defined scope of what to test
✅ Rules of engagement documented
✅ Emergency contacts established

⚠️ Unauthorized testing is illegal and can result in criminal charges. Always get permission first!

What authorization do I need before scanning?

You need explicit written authorization that includes:

1. Scope: What systems/networks can be tested
2. Timeline: When testing is permitted
3. Methods: What techniques are allowed
4. Contacts: Who to notify in emergencies
5. Signatures: From authorized parties

Keep this documentation for your records.

Can I test my own systems?

Yes, if you own or have administrative authority over them. However:

• Cloud providers: Check terms of service (some require notification)
• Shared hosting: May need provider permission
• Corporate networks: Get IT/security team approval
• Third-party services: Need explicit permission

When in doubt, ask first!

What if I discover a vulnerability in someone else's system?

Follow responsible disclosure:

1. Don't exploit the vulnerability
2. Document the finding carefully
3. Contact the organization privately
4. Give time for them to fix (typically 90 days)
5. Coordinate public disclosure if appropriate

Many organizations have bug bounty programs or security contact emails.

Technical Requirements

What are the system requirements?

For Hive Platform (Web): - Modern web browser (Chrome, Firefox, Safari, Edge) - Internet connection - No installation required

For APHIDS CLI: - Docker 20.10+ - Python 3.8+ - 4GB RAM minimum (8GB recommended) - 10GB disk space minimum - Linux, macOS, or Windows with WSL2

Does APHIDS CLI work on Windows?

Yes, but requires WSL2 (Windows Subsystem for Linux 2):

1. Install WSL2
2. Install Ubuntu from Microsoft Store
3. Install Docker Desktop with WSL2 integration
4. Install APHIDS CLI in Ubuntu

See our Windows installation guide for details.

Can I run Hive on-premises?

Enterprise customers can deploy Hive on-premises. Contact sales@darksidesecurity.io for details.

What cloud providers does Hive support?

Hive is cloud-agnostic and can scan assets on any cloud provider or on-premises infrastructure.

Features & Capabilities

What security tools does Hive include?

Hive integrates 30+ security testing tools:

Network Scanning: Nmap, Masscan
Web Testing: Nikto, Wapiti, ZAP, WhatWeb
Subdomain Enum: Amass, Sublist3r, Subfinder
Vulnerability Scanning: Nuclei, Nessus
SSL/TLS: SSLScan, TestSSL
Information Gathering: Shodan, Censys

See complete module list.

Can I add my own security tools?

Yes! You can create custom modules:

1. Extend APHIDS Core: Add tools to Docker container
2. Create Module Definition: Define inputs/outputs
3. Write Parser: Convert tool output to Hive format
4. Test & Deploy: Validate and use in scans

See custom modules guide.

Does Hive perform automated exploitation?

No. Hive focuses on discovery and vulnerability identification, not exploitation:

✅ What Hive does: - Discover assets - Identify vulnerabilities - Assess risk - Provide remediation guidance

❌ What Hive doesn't do: - Automated exploitation - Privilege escalation - Data exfiltration - System compromise

Manual exploitation requires explicit authorization and should be done carefully.

How accurate are the scan results?

Hive aims for high accuracy but false positives can occur:

Accuracy measures: - Multiple tool validation - Confidence scoring - Manual verification options - False positive reporting

Best practices: - Always validate critical findings - Use multiple scanning methods - Review results manually - Report false positives to improve accuracy

Can Hive scan internal networks?

Yes, using VPN access, APHIDS CLI inside your network, or on-premises deployment. Contact support for guidance.

Data & Privacy

Where is my data stored?

Data is encrypted at rest and in transit. SaaS customers' data is stored in secure cloud infrastructure. On-premises deployments keep all data in your infrastructure.

Who can see my scan results?

Only authorized users in your organization. Role-based access control and engagement isolation ensure data privacy.

How long is data retained?

Data retention is configurable. You can export or delete your data at any time.

Can I export my data?

Yes! Export via API, reports (PDF, HTML, JSON), or CSV. You own your data and can export it anytime.

Is Hive GDPR compliant?

Yes. See our privacy policy for details.

Support & Community

How do I get help?

📖 Documentation | 💬 Community Forums | 📧 support@darksidesecurity.io

What are the support SLAs?

Support response times vary by plan. Contact sales for SLA details.

Is there a community forum?

Yes! Visit www.darksidesecurity.io for community links.

Are there training resources?

Yes! Documentation, video tutorials, and webinars are available. Contact support@darksidesecurity.io for details.

Troubleshooting

Why isn't my scan starting?

Check that the target is in scope, reachable, and you have proper permissions. Review execution logs for errors.

Why am I not seeing any results?

Verify the scan completed, target is reachable, and no filters are applied. Try a simple scan to test connectivity.

How do I report a bug?

Email support@darksidesecurity.io with steps to reproduce, expected behavior, and error messages.

How do I request a feature?

Email support@darksidesecurity.io with your feature request, use case, and benefits.

Still Have Questions?

Can't find your answer? We're here to help:

• 📖 Search Documentation: Use the search bar above
• 💬 Ask Community: Post in forums
• 📧 Contact Support: support@darksidesecurity.io

---

More FAQs

Hive Platform FAQ | APHIDS CLI FAQ | Troubleshooting FAQ