Active Directory Pentest Mindmap 2k25

Full view and regulary updated Active Directory Pentest mindmap is available on orange cyberdefense mindmap site : https://orange-cyberdefense.github.io/ocd-mindmaps/img/mindmap_ad_dark_classic_2025.03.excalidraw.svg

Upgrade

• A lot of stuff (timeroasting, SCCM attacks, adcs 11-15,…)
• But the main upgrade is the generation from markdown !
  • Now we can integrate pull request easily.
  • All the map is entirely generated from markdown file, no user interaction.
• Exemple this markdown text :

# Container title

## Mindmap >>> Mindmap
- Create a mindmap
  - `python3 main.py -f <folder>`
    - `excalidraw`

## Second subject
- Info
  - `command`
    - `sub command with link`
[https://example.com](https://example.com)
    - `command CVE` @CVE@
- Bloc CVE @CVE@

## Out box >>> out A >>> out B || out C >>> out D
- Level1
  - Level2
    - Level3
- `1 Command` >>> out box of command 2 & 2bis
  - `2 Command`
    - `3 Command` >>> out box of command 3
  - `2bis command`
- Level1
  - `Level2`
    - Level3

• result in the following image

• A yml config file is present in the mindmap folder to arrange all the files (container) and give the color mapping and the tools link mapping.

Source code

• The source code of the mindmap is here : https://github.com/Orange-Cyberdefense/ocd-mindmaps
• The generation use a tool (in fact it was a poc at the begening, which finaly became a tool) : excalimap
• The tool use python to parse a folder containing md files and generate an output in excalidraw format.
• Then i use the project https://github.com/realazthat/excalidraw-brute-export-cli to export the excalimap rendering automatically to svg files.
• The tool support two styles (light and dark) and two themes (handraw and classic)
• The ocd mindmap is given in the output style classic/dark

Mindmap rendering

If you want to see the mindmap in the other rendering i give you the svgs here :

• handraw dark:

• classic light:

• handraw light: