Breakout testing, also known as Desktop Breakout, is a specific type of security testing that focuses on evaluating the effectiveness of endpoint security controls. In a breakout testing scenario, a penetration tester is given access to a desktop with generic user-level credentials and tasked with identifying any restrictions that have been implemented to prevent unauthorized access or data theft. The tester will then attempt to bypass these restrictions and gain access to the underlying device or unrestricted access to the desktop.

Many organizations implement security measures to their desktop environments to ensure that users only have access to the software and features that they need. These measures can include restricting access to certain folders or files, disabling certain applications or features, and limiting the ability to install new software or change system settings. While these measures can be effective in limiting an attacker's ability to progress their attack, it is difficult to ensure that a desktop is completely secure.

During a breakout testing engagement, a penetration tester will use a variety of techniques to attempt to bypass these restrictions and gain access to the underlying device or unrestricted access to the desktop. These techniques can include exploiting vulnerabilities in the operating system or installed applications, using social engineering tactics to trick users into granting access or revealing sensitive information, or leveraging misconfigured or weak access controls.

The goal of breakout testing is to identify weaknesses in the endpoint security controls that could allow an attacker to gain unauthorized access to sensitive data or systems. The results of the testing can then be used to improve security measures and prevent future attacks.

‍