Quick Start Guide¶
Get up and running with Hive in 5 minutes! This guide will walk you through your first security scan.
Prerequisites¶
Before starting, ensure you have:
- Hive account (or learn more about Hive)
- Web browser
- (Optional) Docker installed for CLI usage
5-Minute Quick Start¶
Step 1: Log In (30 seconds)¶
- Navigate to your Hive instance URL (provided during onboarding)
- Enter your credentials
- Click Sign In
Step 2: Create an Engagement (1 minute)¶
- Click Operations → Engagements in the sidebar
- Click Create Engagement
- Fill in basic details:
- Name: "Quick Start Test"
- Type: "Penetration Test"
- Scope: Your test target (e.g.,
example.com) - Click Create
Test Safely
Only test targets you own or have explicit permission to test. Use a test environment if available.
Step 3: Run Your First Scan (30 seconds)¶
- Navigate to Attack Platform → Runbooks
- Find "Web Application Scan" runbook
- Click Execute
- Configure:
- Target: Enter your target URL (e.g.,
https://example.com) - Engagement: Select "Quick Start Test"
- Click Start Execution
Step 4: Monitor Progress (2 minutes)¶
- Navigate to Automation Engine → Scan Executions
- Watch your scan progress in real-time
- See modules execute one by one
- View discovered assets as they're found
Step 5: View Results (1 minute)¶
Once complete:
- Navigate to Assets → All
- See all discovered assets
- Click Graph View to visualize relationships
- Navigate to Intelligence → Vulnerabilities to see findings
What Just Happened?¶
You just completed a comprehensive security scan that:
✅ Discovered Assets: Found URLs, hosts, IPs, ports, and applications
✅ Mapped Relationships: Connected assets to show your attack surface
✅ Identified Vulnerabilities: Discovered potential security issues
✅ Generated Intelligence: Created actionable security findings
Next Steps by Skill Level¶
🟢 Beginner: Learn the Basics¶
Goal: Understand core features and run basic scans
- Explore the Dashboard
- Understand key metrics
- Navigate the interface
-
Customize your view
- What are URLs, hosts, ports?
- How do assets relate?
-
View asset details
- Network Discovery
- Subdomain Enumeration
- SSL/TLS Analysis
Estimated Time: 1-2 hours
🟡 Intermediate: Advanced Features¶
Goal: Create custom testing strategies and automate workflows
- Create Custom Runbooks
- Design your own workflows
- Configure module options
-
Save and share runbooks
- Set up command-line interface
- Run scans from terminal
-
Automate with scripts
- Create complex scenarios
- Add conditional logic
- Simulate real attacks
Estimated Time: 3-5 hours
🔴 Advanced: Master the Platform¶
Goal: Integrate Hive into your security operations
- API Integration
- Authenticate with API
- Automate scan execution
-
Retrieve results programmatically
- Add security testing to pipelines
- Automate continuous scanning
-
Break builds on findings
- Create your own tools
- Integrate proprietary scanners
- Extend platform capabilities
Estimated Time: 5-10 hours
Common First Scans¶
1. External Web Application Test¶
Target: Public-facing web application
Duration: 15-30 minutes
Runbook: "Web Application Scan"
What it does: - Subdomain enumeration - Port scanning - Web server fingerprinting - Vulnerability scanning - SSL/TLS analysis
Use when: - Testing external websites - Pre-deployment security checks - Compliance requirements
2. Network Discovery¶
Target: IP range or CIDR block
Duration: 10-20 minutes
Runbook: "Network Discovery"
What it does: - Host discovery - Port scanning - Service enumeration - OS fingerprinting
Use when: - Internal network assessment - Asset inventory - Network mapping
3. Subdomain Enumeration¶
Target: Domain name
Duration: 5-15 minutes
Runbook: "Subdomain Enumeration"
What it does: - DNS enumeration - Subdomain discovery - Certificate transparency logs - Brute force enumeration
Use when: - Reconnaissance phase - Attack surface mapping - Finding forgotten assets
4. API Security Test¶
Target: API endpoint
Duration: 20-40 minutes
Runbook: "API Security Scan"
What it does: - Endpoint discovery - Authentication testing - Authorization checks - Input validation - Rate limiting tests
Use when: - Testing REST APIs - GraphQL security - Microservices assessment
Quick Reference Commands¶
APHIDS CLI Quick Commands¶
# Run a runbook
aphids-cli \
--api-key YOUR_KEY \
--runbook RUNBOOK_ID \
--target-url https://example.com \
--engagement ENGAGEMENT_ID
# Run an attack tree
aphids-cli \
--api-key YOUR_KEY \
--attack-tree TREE_ID \
--target-url https://example.com \
--engagement ENGAGEMENT_ID
# Offline scan
aphids-cli \
--options options.yaml \
--config config.yaml
# Verbose output
aphids-cli \
--options options.yaml \
--config config.yaml \
--verbose
Docker Quick Commands¶
# Pull latest container
docker pull ghcr.io/darksidesecurity/aphids:latest
# Check container version
docker run ghcr.io/darksidesecurity/aphids:latest --version
# Run container manually
docker run -v $(pwd):/workspace \
ghcr.io/darksidesecurity/aphids:latest \
python3 aphids.py --help
Troubleshooting Quick Start¶
Scan Not Starting¶
Symptoms: Scan stays in "Pending" state
Solutions: 1. Check engagement scope includes target 2. Verify target is reachable 3. Check API key permissions 4. Review scan execution logs
No Results Found¶
Symptoms: Scan completes but no assets discovered
Solutions: 1. Verify target is correct format 2. Check target is online and reachable 3. Review firewall/network restrictions 4. Try a simpler scan first (e.g., just Nmap)
Permission Denied¶
Symptoms: "Access Denied" or "Unauthorized" errors
Solutions: 1. Verify API key is valid 2. Check user permissions 3. Ensure engagement is active 4. Confirm license is valid
Docker Issues¶
Symptoms: Container won't start or crashes
Solutions:
1. Ensure Docker is running: docker ps
2. Pull latest container: docker pull ghcr.io/darksidesecurity/aphids:latest
3. Check disk space: docker system df
4. Review Docker logs: docker logs CONTAINER_ID
Quick Tips¶
💡 Pro Tips¶
- Start Small: Test with a single target before scanning large ranges
- Use Test Environments: Practice on test systems before production
- Check Scope: Always verify you have authorization
- Monitor Progress: Watch scans in real-time to catch issues early
- Save Runbooks: Create reusable runbooks for common scenarios
🎯 Best Practices¶
- Document Everything: Add notes to engagements and findings
- Tag Assets: Use tags to organize and filter
- Review Regularly: Check results daily during active testing
- Collaborate: Share findings with team members
- Update Often: Keep runbooks and modules current
Learning Path¶
Follow this path to master Hive:
graph TD
A[Quick Start] --> B[Basic Scans]
B --> C[Custom Runbooks]
C --> D[Attack Trees]
D --> E[CLI Usage]
E --> F[API Integration]
F --> G[Advanced Workflows]
style A fill:#667eea
style G fill:#30cfd0
Week 1: Foundations¶
- Complete Quick Start ✅
- Run 5 different runbooks
- Explore all asset types
- Create first custom runbook
Week 2: Intermediate Skills¶
- Install APHIDS CLI
- Run CLI scans
- Build first attack tree
- Generate first report
Week 3: Advanced Features¶
- API integration
- Automated scanning
- Custom modules
- Team collaboration
Week 4: Mastery¶
- CI/CD integration
- Complex workflows
- Custom reporting
- Platform optimization
Quick Start Checklist¶
Track your progress:
- Logged into Hive platform
- Created first engagement
- Ran first scan
- Viewed discovered assets
- Explored graph visualization
- Reviewed vulnerabilities
- Generated first report
- Installed APHIDS CLI (optional)
- Ran CLI scan (optional)
- Created custom runbook (optional)
Get Help¶
Stuck? We're here to help:
- 📖 Full Documentation - Comprehensive guides
- 💬 Community Forums - Ask questions, share tips
- 📧 support@darksidesecurity.io - Direct support
- 🎓 Video Tutorials - Visual learning resources
What's Next?¶
Choose your path:
🌐 Explore Hive Platform
Deep dive into all platform features and capabilities.
🎉 Congratulations!
You've completed your first Hive scan. You're now ready to explore more advanced features!
Keep learning, keep securing! 🐝