This repository contains the source code for the Breach and Attack Simulation (BAS) Tools website, which is available at https://matteobregola.github.io/BASTools/ .
https://matteobregola.github.io/BASTools/ has been tought to gather knowledge about Breach and Attack Simulation Tools. In particular, the current version of the BASTools website offersthree main contributions:
- Technology: offers an in-depth examination of Breach and Attack Simulation (BAS) Tools, covering their use cases, benefits, and general methods of application within the cybersecurity domain. of their usage.
- Framework: introduces a systematic framework for evaluating Breach and Attack Simulation (BAS) Tools, focusing on their capabilities and enabling comparisons among different tools. compare it with others.The framework is exemplified through case study of MITRE CALDERA®.
- The Finder function is designed to assist in identifying the most effective Breach and Attack Simulation (BAS) Tools tailored to particular needs and objectives, thereby supporting the selection of the optimal cybersecurity solution.
The site is developed using Jekyll and Minimal Mistakes. Be sure to have Ruby and Bundler installed to test locally the website.
To run the server locally:
bundle exec jekyll serveThe website is currently in BETA. It needs a general review of its style and content. Additionally, many tools available on the market have not yet been evaluated.
If you are interested in evaluating a tool using the proposed framework, your analysis would be greatly appreciated and added to the website (see how to contact me in the About section).
Finally, migrating to a dynamic solution and using a database for storing and retrieving information about the tools could significantly enhance the website.