Getting Started with Hive

Welcome to Hive! This guide will walk you through everything you need to know to start using the platform effectively.

Prerequisites

Before you begin, ensure you have:

• A valid Hive license (or trial account)
• Modern web browser (Chrome, Firefox, Safari, or Edge)
• Internet connection
• (Optional) Docker installed for APHIDS CLI usage

New User?

If you don't have a Hive account yet, visit hive.darksidesecurity.io to sign up for a free trial.

Step 1: Access the Hive Platform

Web Access

1. Navigate to your Hive instance:
2. Production: https://hive.darksidesecurity.io
3. Staging: https://hive-staging.darksidesecurity.io

4. Self-Hosted: Your custom domain

5. You'll be presented with the login screen

📸 Screenshot: Hive Login Screen

First Login

1. Enter your credentials:
2. Email: Your registered email address

3. Password: Your secure password

4. Click Sign In

5. (First time only) You may be prompted to:

6. Verify your email address
7. Accept terms of service

📸 Screenshot: First Login Welcome Screen

Step 2: Understand the Dashboard

After logging in, you'll see the Overview Dashboard. This is your command center for all security operations.

Dashboard Components

The dashboard is organized into several key sections:

Navigation Sidebar

Located on the left side, the navigation provides access to all platform features:

• Overview: Dashboard and metrics
• Assets: Inventory management
• All Assets
• URLs, Sites, Hosts, Ports, IPs
• DNS Records
• Applications & Metadata
• Attack Platform: Security testing strategies
• Runbooks
• Attack Trees
• Strategy Builder: Create custom testing workflows
• Automation Engine: Scan execution and monitoring
• Operations: Campaign and engagement management
• Intelligence: Vulnerabilities and findings
• Configuration: Users, groups, and settings

📸 Screenshot: Navigation Sidebar

Overview Cards

The main dashboard displays key metrics:

• Total Assets: Count of discovered assets
• Active Scans: Currently running security tests
• Vulnerabilities: Discovered security issues
• Recent Activity: Latest platform actions

📸 Screenshot: Dashboard Overview Cards

Step 3: Create Your First Organization

Organizations help you organize your security testing efforts, especially if you're managing multiple clients or projects.

Creating an Organization

1. Navigate to Operations → Organizations in the sidebar
2. Click the Create Organization button
3. Fill in the organization details:
4. Name: Organization name (e.g., "Acme Corp")
5. Description: Brief description
6. Contact Information: Primary contact details
7. Click Create

📸 Screenshot: Create Organization Form

Why Organizations?

Organizations serve as containers for campaigns and engagements, helping you keep client work separated and organized.

Step 4: Create Your First Campaign

Campaigns represent high-level security initiatives or projects.

Creating a Campaign

1. Navigate to Operations → Campaigns
2. Click Create Campaign
3. Enter campaign details:
4. Name: Campaign name (e.g., "Q1 2024 External Assessment")
5. Organization: Select the organization you created
6. Description: Campaign objectives and scope
7. Start Date: When the campaign begins
8. End Date: When the campaign concludes
9. Click Create

📸 Screenshot: Create Campaign Form

Step 5: Create an Engagement

Engagements represent specific security testing activities within a campaign.

Creating an Engagement

1. Navigate to Operations → Engagements
2. Click Create Engagement
3. Fill in engagement details:
4. Name: Engagement name (e.g., "External Web Application Test")
5. Campaign: Select your campaign
6. Type: Select engagement type (Penetration Test, Red Team, etc.)
7. Scope: Define what's in scope
8. Start/End Dates: Engagement timeline
9. Click Create

📸 Screenshot: Create Engagement Form

Step 6: Run Your First Scan

Now for the exciting part - let's run a security scan!

Option A: Using a Runbook (Recommended for Beginners)

Runbooks are pre-configured security testing workflows.

1. Navigate to Attack Platform → Runbooks
2. Browse available runbooks:
3. Web Application Scan: Comprehensive web app testing
4. Network Discovery: Port scanning and service enumeration
5. Subdomain Enumeration: Discover subdomains
6. SSL/TLS Analysis: Certificate and configuration testing
7. Click on a runbook to view details
8. Click Execute Runbook
9. Configure execution parameters:
10. Target: Enter your target (URL, IP, or domain)
11. Engagement: Select your engagement
12. Options: Customize scan parameters (optional)
13. Click Start Execution

📸 Screenshot: Runbook Execution Configuration

Option B: Using the APHIDS CLI

For command-line enthusiasts:

# Execute a runbook via CLI
aphids-cli \
  --api-key YOUR_API_KEY \
  --api-url https://api.hive.darksidesecurity.io \
  --runbook RUNBOOK_ID \
  --target-url https://example.com \
  --engagement ENGAGEMENT_ID

Get Your API Key

Navigate to Configuration → Settings → API Keys to generate your API key.

Step 7: Monitor Scan Progress

Viewing Active Scans

1. Navigate to Automation Engine → Scan Executions
2. You'll see your scan listed with:
3. Status: Running, Completed, or Failed
4. Progress: Percentage complete
5. Start Time: When the scan began
6. Estimated Completion: When it will finish

📸 Screenshot: Scan Executions List

Real-Time Monitoring

Click on a running scan to view:

• Module Progress: Which security tools are running
• Live Output: Real-time scan results
• Discovered Assets: Assets found so far
• Findings: Security issues discovered

📸 Screenshot: Scan Execution Details

Step 8: Review Results

Once your scan completes, it's time to analyze the results.

Viewing Discovered Assets

1. Navigate to Assets → All
2. You'll see all assets discovered during your scan:
3. URLs
4. Hosts
5. IP Addresses
6. Ports
7. DNS Records
8. Applications

📸 Screenshot: Asset Inventory

Analyzing Vulnerabilities

1. Navigate to Intelligence → Discovered Vulnerabilities
2. Review vulnerabilities by:
3. Severity: Critical, High, Medium, Low
4. CVSS Score: Numerical risk rating
5. Asset: Which asset is affected
6. Status: New, Confirmed, Remediated

📸 Screenshot: Vulnerability List

Viewing Findings

1. Navigate to Intelligence → Attack Findings
2. Explore detailed findings including:
3. Description: What was found
4. Evidence: Proof of the finding
5. Impact: Potential security impact
6. Remediation: How to fix it

📸 Screenshot: Finding Details

Step 9: Visualize Your Attack Surface

Hive provides powerful visualization tools to understand asset relationships.

Using the Graph Viewer

1. Navigate to Assets → All
2. Click the Graph View button
3. Explore the interactive graph:
4. Nodes: Represent assets
5. Edges: Show relationships
6. Colors: Indicate asset types
7. Zoom/Pan: Navigate the graph

📸 Screenshot: Asset Graph Visualization

Graph Navigation

• Click and drag to pan
• Scroll to zoom
• Click a node to see details
• Double-click to expand relationships

Step 10: Generate a Report

Create professional reports for stakeholders.

Creating a Report

1. Navigate to Intelligence → Tactical Reporting Engine
2. Click Create Report
3. Configure report parameters:
4. Report Type: Executive Summary, Technical Report, etc.
5. Scope: Select engagement or campaign
6. Include: Choose what to include (assets, vulnerabilities, findings)
7. Format: PDF, HTML, or Markdown
8. Click Generate Report

📸 Screenshot: Report Generation Interface

Next Steps

Congratulations! You've completed your first security scan with Hive. Here's what to explore next:

Beginner Level

• ✅ Complete first scan
• Create custom runbooks
• Explore asset types
• Understand vulnerability scoring

Intermediate Level

• Build attack trees
• Install APHIDS CLI
• Set up API integration
• Configure automated scheduling

Advanced Level

• Design complex workflows
• Customize modules
• Implement CI/CD integration
• Build custom reporting

Common First-Time Questions

How long does a typical scan take?

Scan duration varies based on scope and modules used:

• Quick scan (basic enumeration): 5-15 minutes
• Standard scan (comprehensive): 30-60 minutes
• Deep scan (extensive testing): 2-4 hours

You can monitor progress in real-time from the Scan Executions page.

Can I pause or stop a running scan?

Yes! Navigate to the scan execution and click the Stop button. You can resume later or start a new scan.

What if I don't see any results?

Common reasons:

• Scan is still running (check status)
• Target is unreachable (verify connectivity)
• Scope restrictions (check engagement scope)
• Firewall blocking (ensure Hive IPs are whitelisted)

How do I add team members?

Navigate to Configuration → Users → Invite User. Enter their email and assign appropriate roles.

Is my data secure?

Yes! All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Scans run in isolated Docker containers. See our Security & Privacy section for details.

Getting Help

Need assistance?

• 📖 Search Documentation: Use the search bar above
• 💬 Community Forums: Connect with other users
• 📧 Support Email: support@darksidesecurity.io

---

Ready to dive deeper?

Explore the Hive Platform Guide →