Getting Started with Hive

Welcome to Hive! This guide will walk you through everything you need to know to start using the platform effectively.

Prerequisites

Before you begin, ensure you have:

• A valid Hive license (or trial account)
• Modern web browser (Chrome, Firefox, Safari, or Edge)
• Internet connection
• (Optional) Docker installed for APHIDS CLI usage

New User?

If you don't have a Hive account yet, visit hive.darksidesecurity.io to sign up for a free trial.

Step 1: Access the Hive Platform

Web Access

1. Navigate to your Hive instance:
2. Hive Professional: https://hive.darksidesecurity.io

3. Hive Enterprise: https://YourEnterpriseHere.darksidesecurity.io

4. You'll be presented with the login screen, click Register to create a Hive User account

First Login

1. Enter your credentials:
2. Email: Your registered email address

3. Password: Your secure password

4. Click Sign In

5. (First time only) You may be prompted to:

6. Verify your email address
7. Accept terms of service

Step 2: Understand the Dashboard

After logging in, you'll see the Overview Dashboard. This is your command center for all security operations.

Dashboard

The dashboard is organized into several key sections:

Navigation Sidebar

Located on the left side, the navigation provides access to all platform features:

• Overview: Dashboard and metrics
• Assets: Inventory management
• All Assets
• URLs, Sites, Hosts, Ports, IPs
• DNS Records
• Applications & Metadata
• Attack Platform: Security testing strategies
• Runbooks
• Attack Trees
• Strategy Builder: Create custom testing workflows
• Automation Engine: Scan execution and monitoring
• Operations: Campaign and engagement management
• Intelligence: Vulnerabilities and findings
• Configuration: Users, groups, and settings

Step 3: Create Your First Organization

Organizations help you organize your security testing efforts, especially if you're managing multiple clients or projects.

Creating an Organization

1. Navigate to Operations → Organizations in the sidebar
2. Click the Create Organization button
3. Fill in the organization details
4. Click Create

Why Organizations?

Organizations serve as containers for campaigns and engagements, helping you keep client work separated and organized.

Step 4: Create Your First Campaign

Campaigns represent high-level security initiatives or projects.

Creating a Campaign

1. Navigate to Operations → Campaigns
2. Click Create Campaign
3. Enter campaign details:
4. Name: Campaign name (e.g., "Q1 2024 External Assessment")
5. Organization: Select the organization you created
6. Description: Campaign objectives and scope
7. Start Date: When the campaign begins
8. End Date: When the campaign concludes
9. Click Create

Step 5: Create an Engagement

Engagements represent specific security testing activities within a campaign.

Creating an Engagement

1. Navigate to Operations → Engagements
2. Click Create Engagement
3. Fill in engagement details
4. Click Create

Step 6: Run Your First Scan

Now for the exciting part - let's run a security scan!

Option A: Using a Runbook (Recommended for Beginners)

Runbooks are pre-configured security testing workflows.

1. Navigate to Attack Platform → Runbooks
2. Browse available runbooks:
3. Web Application Scan: Comprehensive web app testing
4. Network Discovery: Port scanning and service enumeration
5. Subdomain Enumeration: Discover subdomains
6. SSL/TLS Analysis: Certificate and configuration testing
7. Click on a runbook to view details
8. Click Execute Runbook
9. This will bring you to the Scan Executions Page

1. Configure Scan Execution parameters:
2. Target: Enter your target (URL, IP, or domain)
3. Engagement: Select your engagement
4. Options: Customize scan parameters (optional)

1. Click Start Execution

Option B: Using the APHIDS CLI

For command-line enthusiasts:

# Execute a runbook via CLI
aphids-cli \
  --api-key YOUR_API_KEY \
  --api-url https://api.hive.darksidesecurity.io \
  --runbook RUNBOOK_ID \
  --target-url https://example.com \
  --engagement ENGAGEMENT NAME

Get Your API Key

Navigate to Configuration → Settings → API Keys to retrieve/re-generate your API key.

Step 7: Monitor Scan Progress

Viewing Active Scans

1. Navigate to Automation Engine → Scan Executions
2. You'll see your scan listed with:
3. Status: Running, Completed, or Failed
4. Progress: Percentage complete
5. Start Time: When the scan began
6. Estimated Completion: When it will finish

Real-Time Monitoring

Click on a running scan to view:

• Module Progress: Which security tools are running
• Live Output: Real-time scan results
• Discovered Assets: Assets found so far
• Findings: Security issues discovered

Step 8: Review Results

Once your scan completes, it's time to analyze the results.

Viewing Discovered Assets

1. Navigate to Assets → All
2. You'll see all assets discovered during your scan:
3. URLs
4. Hosts
5. IP Addresses
6. Ports
7. DNS Records
8. Applications

Analyzing Vulnerabilities

1. Navigate to Attack Intelligence → Vulnerabilities
2. Review vulnerabilities by:
3. Severity: Critical, High, Medium, Low
4. CVSS Score: Numerical risk rating
5. Asset: Which asset is affected
6. Status: New, Confirmed, Remediated

Viewing Findings

1. Navigate to Attack Intelligence → Attack Findings
2. Explore detailed findings including:
3. Description: What was found
4. Evidence: Proof of the finding
5. Impact: Potential security impact
6. Remediation: How to fix it

Step 9: Visualize Your Attack Surface

Hive provides powerful visualization tools to understand asset relationships.

Using the Graph Viewer

1. Navigate to Assets → All
2. Click the Graph View button
3. Explore the interactive graph:
4. Nodes: Represent assets
5. Edges: Show relationships
6. Colors: Indicate asset types
7. Zoom/Pan: Navigate the graph

Graph Navigation

• Click and drag to pan
• Scroll to zoom
• Click a node to see details
• Double-click to expand relationships

Step 10: Generate a Report

Create professional reports for stakeholders.

Creating a Report

1. Navigate to Attack Intelligence → Reporting Engine
2. Click New Report
3. Add Vulnerabilities from Data Tab
4. Add new report elements such as Text Sections or Images
5. Click Save

1. Click Preview to see a live preview of your report.
2. Click Print/PDF to export your report.

Next Steps

Congratulations! You've completed your first security scan with Hive. Here's what to explore next:

Beginner Level

• ✅ Complete first scan
• Create custom runbooks
• Explore asset types
• Understand vulnerability scoring

Intermediate Level

• Build attack trees
• Install APHIDS CLI
• Set up API integration
• Configure automated scheduling

Advanced Level

• Design complex workflows
• Customize modules
• Implement CI/CD integration
• Build custom reporting

Common First-Time Questions

How long does a typical scan take?

Scan duration varies based on scope and modules used:

• Quick scan (basic enumeration): 5-15 minutes
• Standard scan (comprehensive): 30-60 minutes
• Deep scan (extensive testing): 2-4 hours

You can monitor progress in real-time from the Scan Executions page.

Can I pause or stop a running scan?

Yes! Navigate to the scan execution and click the Stop button. You can resume later or start a new scan.

What if I don't see any results?

Common reasons:

• Scan is still running (check status)
• Target is unreachable (verify connectivity)
• Scope restrictions (check engagement scope)
• Firewall blocking (ensure Hive IPs are whitelisted)

How do I add team members?

Navigate to Configuration → Users → Invite User. Enter their email and assign appropriate roles.

Is my data secure?

Yes! All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Scans run in isolated Docker containers. See our Security & Privacy section for details.

Getting Help

Need assistance?

• 📖 Search Documentation: Use the search bar above
• 💬 Community Forums: Connect with other users
• 📧 Support Email: support@darksidesecurity.io

---

Ready to dive deeper?

Explore the Hive Platform Guide →