# Mimic Internal BAS (Breach & Attack Simulation) platform for the Red Team. Replays TTPs from engagement journals or an internal ATT&CK library against client infrastructure through VPN/relay, in white-glove coordination with the SOC. **Output**: a coverage report mapped to MITRE ATT&CK — measurable, reproducible, archived. ## Status `ready-with-prereqs` — spec frozen on 2026-05-19, 23 review patches integrated. Code start blocked on: - **PR1** — Mythic API documentation + pinned version (lead RT) - **PR2** — Internal C2 interface spec + journal export example (internal C2 team) - **PR3** — RT graphic charter for the PDF report (lead RT) While PR1/PR2/PR3 are open, sprint 0 focuses on the unblocked skeleton. ## Spec The authoritative spec lives in the RT-SecondBrain vault: `Projects/Mimic — Spec.md`. Do not duplicate it here. In-repo documentation: - `CHANGELOG.md` — chronological log of features, decisions, rollbacks. - `tasks/spec-decisions.md` — implementation arbitrations on top of the spec. - `tasks/todo.md` — current sprint backlog. ## Stack (frozen) - **Backend** Python 3.12 / Flask / Flask-SocketIO / SQLAlchemy 2 / Pydantic 2 / Alembic / WeasyPrint / pytest + testcontainers / ruff / mypy strict - **Frontend** TypeScript / React 18+ / Vite / Tailwind 4 / TanStack Query 5 / Recharts / Playwright - **Storage** Postgres (prod) / SQLite (unit tests only) - **Deploy** Docker + Ansible ## Layout ``` mimic/ ├── backend/ # Flask app, connectors, orchestrator, reporting, CLI ├── frontend/ # Vite + React app ├── docs/ # Architecture notes, ADRs, deployment └── tasks/ # Sprint backlog, decisions, lessons ``` ## Conventions - Branches: `feature/`, `fix/`, `docs/`, `chore/`. Long-lived: `main`. - Commits: Conventional Commits (`feat:`, `fix:`, `chore:`, `docs:`, `test:`, `refactor:`). - PRs: each branch → review (`code-reviewer`) → team-lead merges. No direct push to `main`. ## Build & run `make` targets land at the end of sprint 0. For now the repo is skeleton-only.