Hawk - Installation

Prerequisites

Before installing Hawk, ensure your environment meets the following requirements:

System Requirements: Windows operating system with administrator access
Network Requirements: Connectivity to the following sites & services:

PowerShell Gallery
Graph API
Microsoft 365 services

PowerShell Edition: Desktop or Core
PowerShell Version: PowerShell 5.0 or above

To check your PowerShell version, run:

$PSVersionTable

Installation Steps

1. Prepare PowerShell Environment

Run the following command in a PowerShell session with administrator privileges to set the execution policy:

Set-ExecutionPolicy RemoteSigned

This command allows scripts to run securely on your system.

2. Install Hawk Module

To install the Hawk module from the PowerShell Gallery, use this command:

Install-Module -Name Hawk

This will download and install the Hawk module on your system.

3. Required Dependencies

When you install Hawk, it automatically handles all required dependencies. All these modules enable connectivity to Microsoft 365 services and are essential for Hawk's functionality. The following modules will be installed your system:

PSFramework (v1.12.346 or later)
PSAppInsights (v0.9.6 or later)
ExchangeOnlineManagement (v3.0.0 or later)
Microsoft.Graph.Authentication (v2.25.0 or later)
Microsoft.Graph.Identity.DirectoryManagement (v2.25.0 or later)
Microsoft.Graph.Users (v2.25.0 or later)
Microsoft.Graph.Applications (v2.25.0 or later)
Microsoft.Graph.Identity.Signins (v2.25.0 or later)
Microsoft.Graph.Reports (v2.25.0 or later)

4. Import Hawk Module

To load the Hawk module in your current PowerShell session, run:

Import-Module Hawk

This command loads the Hawk module, making all its commands available for use in your current session.

Installation Verification

1. Verify Installation

To verify your installation, open a new PowerShell session and run:

Get-Module Hawk -ListAvailable

This command should display information about the installed Hawk version.

2. Available Commands

To see all available commands in Hawk, run:

Get-Command -Module Hawk

This will list all functions available in Hawk. While most of these functions are automatically executed during tenant or user investigations, they can also be run individually for targeted analysis.

3. Help Documentation

Hawk provides detailed help documentation for all commands. To view help for any command, use Get-Help followed by the command name. For example:

View help for tenant investigation:

Get-Help Start-HawkTenantInvestigation

View help for user investigation:

Get-Help Start-HawkUserInvestigation

Additional Support

If you encounter installation issues or need assistance:

Visit our support page to submit an issue or to contact the Hawk team
Check the troubleshooting guide for common issues and their solutions

Spread Your Wings

Go Back

Review the previous section: Hawk Overview.

Circle Back

Up Next

Enable Hawk to hunt, by configuring cloud permissions.

Fly Ahead

User Guide:

Installing Hawk