Getting Started with Hawkra
Hawkra is a vulnerability management and penetration testing platform built for security professionals and teams. It brings vulnerability scanning, asset management, and team collaboration into a single platform.
Deployment Options
Hawkra is available in two deployment modes:
- SaaS (Cloud-Hosted) — Sign up at hawkra.io and start immediately. Choose between a Free tier for individual use or Premium for teams and advanced features.
- Self-Hosted — Deploy on your own infrastructure using Docker. All data stays on your servers. See the Self-Hosted documentation for deployment instructions.
Creating Your Account
Head to hawkra.io and register with a display name, email, and password. After verifying your email, you are logged in and ready to create your first workspace.
For self-hosted instances, your administrator controls whether registration is available.
Securing Your Account
Hawkra supports multi-factor authentication via TOTP authenticator apps (Google Authenticator, Authy, 1Password, etc.) and email-based MFA on self-hosted instances. Enable MFA from Account Settings > Security.
Subscription Tiers
| Feature | Free | Premium | Self-Hosted |
|---|---|---|---|
| Assets per workspace | 10 | 1,000+ | Unlimited |
| Import formats | Nmap, Burp, BloodHound | + Nessus, OpenVAS, ZAP | All |
| AI Assistant | Limited monthly quota | Full access | Unlimited (local LLM) |
| TalonStrike | No | Yes | Yes |
| OSINT Tools | WHOIS, DNS only | All 5 tools | All 5 tools |
| Team Management | No | Yes | Yes |
| Remediation Tracking | No | Yes | Yes |
| Custom Report Logo | No | Yes | Yes |
Manage your subscription and billing from the Billing & Usage page, accessible via the user menu.
Platform Features
- Vulnerability Management — Import scan results from Nmap, Burp Suite, Nessus, OpenVAS, BloodHound, and OWASP ZAP. Track findings and manage remediation workflows.
- Asset & Network Management — Organize hosts, devices, and network segments. Track open ports, operating systems, and services.
- AI-Powered Analysis — Analyze vulnerabilities, get remediation suggestions, and accelerate your workflow with the built-in AI assistant.
- TalonStrike — Advanced active reconnaissance module for premium and self-hosted users.
- OSINT Toolkit — WHOIS lookups, DNS enumeration, and additional reconnaissance tools built into the platform.
- Compliance & Reporting — Map findings to compliance frameworks and generate branded PDF reports.
- Team Collaboration — Invite team members to workspaces with role-based access control (Owner, Editor, Remediation Analyst, Viewer).
- Threat Intelligence Dashboard — Stay current with the latest vulnerabilities and threat intelligence feeds.
- Audit Logging — Every action within a workspace is logged with user, timestamp, and IP address.
If you are setting up a self-hosted instance, start with the Self-Hosted documentation first, then return here once your instance is running.