improve related software

src/components/ToolMatrix.astro

@@ -520,6 +520,7 @@ domains.forEach((domain: any) => {
     `;
     
     const relatedConcepts = tool.related_concepts || [];
+    const relatedSoftware = tool.related_software || [];    
     if (relatedConcepts.length > 0 && modalType === 'primary') {
       const conceptLinks = relatedConcepts.map(conceptName => {
         const concept = toolsData.find(t => t.name === conceptName && t.type === 'concept');
@@ -555,6 +556,49 @@ domains.forEach((domain: any) => {
         </div>
       `;
     }
+
+    if (relatedSoftware.length > 0 && modalType === 'primary') {
+      const softwareLinks = relatedSoftware.map(softwareName => {
+        const software = toolsData.find(t => t.name === softwareName && (t.type === 'software' || t.type === 'method'));
+        if (software) {
+          const isHosted = window.isToolHosted(software);
+          const isSoftwareMethod = software.type === 'method';
+          const bgColor = isSoftwareMethod ? 'var(--color-method-bg)' : 
+                          isHosted ? 'var(--color-hosted-bg)' : 'var(--color-oss-bg)';
+          const borderColor = isSoftwareMethod ? 'var(--color-method)' : 
+                              isHosted ? 'var(--color-hosted)' : 'var(--color-oss)';
+          
+          return `<button class="tag cursor-pointer" style="background-color: ${bgColor}; border: 1px solid ${borderColor}; color: ${borderColor}; transition: var(--transition-fast);" 
+                    onclick="event.stopPropagation(); window.showToolDetails('${softwareName}', 'secondary')" 
+                    onmouseover="this.style.backgroundColor='${borderColor}'; this.style.color='white';"
+                    onmouseout="this.style.backgroundColor='${bgColor}'; this.style.color='${borderColor}';">
+                    ${softwareName}
+                  </button>`;
+        }
+        return `<span class="tag" style="background-color: var(--color-bg-tertiary); color: var(--color-text-secondary);">${softwareName}</span>`;
+      }).join('');
+
+      const isMobile = window.innerWidth <= 768;
+      const collapseOnMobile = isMobile && relatedSoftware.length > 2;
+
+      tagsHTML += `
+        <div class="mt-4">
+          <div class="flex items-center gap-2 mb-2">
+            <strong style="color: var(--color-text);">Verwandte Software:</strong>
+            ${collapseOnMobile ? `
+              <button id="software-toggle-${modalType}" 
+                      onclick="this.nextElementSibling.style.display = this.nextElementSibling.style.display === 'none' ? 'block' : 'none'; this.textContent = this.textContent === '▼' ? '▲' : '▼';"
+                      class="btn-icon text-xs">
+                ▼
+              </button>
+            ` : ''}
+          </div>
+          <div ${collapseOnMobile ? 'class="hidden"' : ''} class="flex flex-wrap gap-1">
+            ${softwareLinks}
+          </div>
+        </div>
+      `;
+    }
     
     elements.tags.innerHTML = tagsHTML;
     

src/data/tools.yaml.example

@@ -1,213 +0,0 @@
-# This is a minimal example file of the real knowledgebase in ./src/data/tools.yaml
-  - name: Rapid Incident Response Triage on macOS
-    icon: 📋
-    type: method
-    description: >-
-      Spezialisierte Methodik für die schnelle Incident Response auf
-      macOS-Systemen mit Fokus auf die Sammlung kritischer forensischer
-      Artefakte in unter einer Stunde. Adressiert die Lücke zwischen
-      Windows-zentrierten IR-Prozessen und macOS-spezifischen
-      Sicherheitsarchitekturen. Nutzt Tools wie Aftermath für effiziente
-      Datensammlung ohne zeitaufwändige Full-Disk-Images. Besonders wertvoll für
-      Unternehmensumgebungen mit gemischten Betriebssystem-Landschaften.
-    domains:
-      - incident-response
-      - static-investigations
-      - malware-analysis
-    phases:
-      - data-collection
-      - examination
-    platforms: []
-    related_concepts: null
-    domain-agnostic-software: null
-    skillLevel: intermediate
-    accessType: null
-    url: >-
-      https://www.sans.org/white-papers/rapid-incident-response-on-macos-actionable-insights-under-hour/
-    projectUrl: null
-    license: null
-    knowledgebase: null
-    tags:
-      - macos
-      - rapid-response
-      - triage
-      - incident-response
-      - aftermath
-      - enterprise
-      - methodology
-      - apple
-  - name: Aftermath
-    icon: 📦
-    type: software
-    description: >-
-      Jamf's Open-Source-Tool für die schnelle Sammlung forensischer Artefakte
-      auf macOS-Systemen. Sammelt kritische Daten wie Prozessinformationen,
-      Netzwerkverbindungen, Dateisystem-Metadaten und Systemkonfigurationen ohne
-      Full-Disk-Imaging. Speziell entwickelt für die Rapid-Response-Triage in
-      Enterprise-Umgebungen mit macOS-Geräten. Normalisiert Zeitstempel und
-      erstellt durchsuchbare Ausgabeformate für effiziente Analyse.
-    domains:
-      - incident-response
-      - static-investigations
-      - malware-analysis
-    phases:
-      - data-collection
-      - examination
-    platforms:
-      - macOS
-    related_concepts: null
-    domain-agnostic-software: null
-    skillLevel: intermediate
-    accessType: download
-    url: https://github.com/jamf/aftermath/
-    projectUrl: ''
-    license: Apache 2.0
-    knowledgebase: false
-    tags:
-      - macos
-      - incident-response
-      - triage
-      - artifact-collection
-      - rapid-response
-      - jamf
-      - enterprise
-      - commandline
-  - name: Regular Expressions (Regex)
-    icon: 🔤
-    type: concept
-    description: >-
-      Pattern matching language for searching, extracting, and manipulating
-      text.  Essential for log analysis, malware signature creation, and data
-      extraction from  unstructured sources. Forms the backbone of many forensic
-      tools and custom scripts.
-    domains:
-      - incident-response
-      - malware-analysis
-      - network-forensics
-      - fraud-investigation
-    phases:
-      - examination
-      - analysis
-    platforms: []
-    related_concepts: null
-    domain-agnostic-software: null
-    skillLevel: intermediate
-    accessType: null
-    url: https://regexr.com/
-    projectUrl: null
-    license: null
-    knowledgebase: true
-    tags:
-      - pattern-matching
-      - text-processing
-      - log-analysis
-      - string-manipulation
-      - search-algorithms
-  - name: SQL Query Fundamentals
-    icon: 🗃️
-    type: concept
-    description: >-
-      Structured Query Language for database interrogation and analysis.
-      Critical for  examining application databases, SQLite artifacts from
-      mobile devices, and  browser history databases. Enables complex
-      correlation and filtering of large datasets.
-    domains:
-      - incident-response
-      - mobile-forensics
-      - fraud-investigation
-      - cloud-forensics
-    phases:
-      - examination
-      - analysis
-    platforms: []
-    related_concepts: null
-    domain-agnostic-software: null
-    skillLevel: intermediate
-    accessType: null
-    url: https://www.w3schools.com/sql/
-    projectUrl: null
-    license: null
-    knowledgebase: false
-    tags:
-      - database-analysis
-      - query-language
-      - data-correlation
-      - mobile-artifacts
-      - browser-forensics
-  - name: Hash Functions & Digital Signatures
-    icon: 🔐
-    type: concept
-    description: >-
-      Cryptographic principles for data integrity verification and
-      authentication.  Fundamental for evidence preservation, malware
-      identification, and establishing  chain of custody. Understanding of MD5,
-      SHA, and digital signature validation.
-    domains:
-      - incident-response
-      - static-investigations
-      - malware-analysis
-      - cloud-forensics
-    phases:
-      - data-collection
-      - examination
-    platforms: []
-    related_concepts: null
-    domain-agnostic-software: null
-    skillLevel: advanced
-    accessType: null
-    url: https://en.wikipedia.org/wiki/Cryptographic_hash_function
-    projectUrl: null
-    license: null
-    knowledgebase: false
-    tags:
-      - cryptography
-      - data-integrity
-      - evidence-preservation
-      - malware-identification
-      - chain-of-custody
-domains:
-  - id: incident-response
-    name: Incident Response & Breach-Untersuchung
-  - id: static-investigations
-    name: Datenträgerforensik & Ermittlungen
-  - id: malware-analysis
-    name: Malware-Analyse & Reverse Engineering
-  - id: fraud-investigation
-    name: Betrugs- & Finanzkriminalität
-  - id: network-forensics
-    name: Netzwerk-Forensik & Traffic-Analyse
-  - id: mobile-forensics
-    name: Mobile Geräte & App-Forensik
-  - id: cloud-forensics
-    name: Cloud & Virtuelle Umgebungen
-  - id: ics-forensics
-    name: Industrielle Kontrollsysteme (ICS/SCADA)
-phases:
-  - id: data-collection
-    name: Datensammlung
-    description: Imaging, Acquisition, Remote Collection Tools
-  - id: examination
-    name: Auswertung
-    description: Parsing, Extraction, Initial Analysis Tools
-  - id: analysis
-    name: Analyse
-    description: Deep Analysis, Correlation, Visualization Tools
-  - id: reporting
-    name: Bericht & Präsentation
-    description: >-
-      Documentation, Visualization, Presentation Tools (z.B. QGIS für Geodaten,
-      Timeline-Tools)
-domain-agnostic-software:
-  - id: collaboration-general
-    name: Übergreifend & Kollaboration
-    description: Cross-cutting tools and collaboration platforms
-  - id: specific-os
-    name: Betriebssysteme
-    description: Operating Systems which focus on forensics
-scenarios:
-  - id: registry
-    icon: 🗃️
-    friendly_name: "Registry-Analyse"
-  - id: memory-forensics
-    icon: 🧠
-    friendly_name: "Memory-Forensik"

src/utils/dataService.ts

@@ -21,6 +21,7 @@ const ToolSchema = z.object({
   accessType: z.string().optional().nullable(),
   'domain-agnostic-software': z.array(z.string()).optional().nullable(),
   related_concepts: z.array(z.string()).optional().nullable().default([]),
+  related_software: z.array(z.string()).optional().nullable().default([]), // Added this line
 });
 
 const ToolsDataSchema = z.object({