Citrix, VMware & VDI Breakout Testing
Most VDI breakout paths take under ten minutes. We test Citrix Virtual Apps and Desktops, VMware Horizon, Azure Virtual Desktop, and Microsoft RDS to determine whether a compromised user account can escape the restricted session, escalate privileges, and reach your domain controllers. Whether you have added published applications since your last hardening review, or need validation before migrating to a new platform, we test what your own team cannot.
Why restricting cmd.exe is not enough.
Your team blocked cmd.exe and called it hardened. The LOLBAS catalogue lists well over a hundred Windows-shipped binaries, scripts and libraries, most of them Microsoft-signed, that AppLocker's default rules allow for every user because they live under the Windows folder.
Executable Blocklisting
- Blocks cmd.exe and PowerShell by name
- Leaves certutil, mshta, regsvr32, rundll32 untouched
- Cannot prevent COM object invocation or WSL Bash
- Appears compliant. Fails against a determined attacker.
Professional Breakout Test
- Tests using LOLBAS binaries, COM objects, and file dialog escape vectors
- Post-breakout privilege escalation and lateral movement to AD
- Remediation guide with specific GPO, AppLocker, and Citrix policies
- Proves whether your boundary actually holds under real attack conditions
VDI Breakout Risk Profile
These are not projections. They are patterns from VDI breakout assessments conducted for UK mid-market organisations running Citrix, VMware Horizon, and Azure Virtual Desktop.
Average Time to Breakout
Most VDI environments are escaped in under ten minutes using file dialog exploitation or LOLBin execution.
Environments with Breakout Path
The majority of VDI deployments we test have at least one viable escape route. AppLocker policies are rarely reviewed after initial deployment.
Compliance Frameworks Covered
PCI DSS Requirement 11.3 (Requirement 11.4 in PCI DSS v4.0), NHS DSPT, and ISO 27001:2013 Annex A.12.6 (A.8.8 in ISO 27001:2022) all call for independent testing of systems processing regulated data.
Controls
Four platforms. One methodology.
Our breakout methodology extends across the full VDI platform landscape. For AVD alongside cloud infrastructure, we also offer dedicated cloud penetration testing.
| Capability | Citrix CVAD | VMware Horizon | Azure VD | Microsoft RDS |
|---|---|---|---|---|
| Application Breakout | Yes | Yes | Yes | Yes |
| Kiosk Escape | Yes | Yes | N/A* | Yes |
| AppLocker / SRP Bypass | Yes | Yes | Yes | Yes |
| Privilege Escalation | Yes | Yes | Yes | Yes |
| Lateral Movement | Yes | Yes | Yes | Yes |
| Clipboard/Drive Mapping | Yes | Yes | Yes | Yes |
| Session Hijacking | Yes | Yes | Yes | Yes |
| Hardening Guide | Yes | Yes | Yes | Yes |

* Azure Virtual Desktop does not use traditional kiosk mode; AVD testing covers host pool isolation and the session boundary instead.
Full-chain breakout testing.
We emulate a malicious insider or compromised vendor with restricted access. The goal: escape the session, gain command line access, escalate privileges, and attack the internal network.
Application Breakout
We abuse features in published applications to escape the restricted session. File Open/Save As dialogs accept typed local and UNC paths (C:\Windows\System32, \\localhost\c$), turning the dialog into a file browser from which binaries can be launched. Help dialogs, browser address bars (including file:// URLs), and COM object invocation via WScript.Shell provide alternative escape routes. Sticky Keys and other Ease of Access shortcuts, and keyboard shortcuts such as Ctrl+Esc and Win+R, are tested systematically.
AppLocker Bypass via LOLBAS
Application allowlisting (AppLocker, SRP) is bypassed using living-off-the-land binaries already present on the session host. We test execution via certutil, mshta, regsvr32, rundll32 and similar LOLBAS entries, DLL hijacking into processes the policy allows, and PowerShell constrained language mode escapes. The LOLBAS binaries are signed Microsoft executables shipped under the Windows folder, which AppLocker's default rules allow for every user; a policy that only names cmd.exe and powershell.exe never evaluates them, and a policy that enforces the Exe collection but leaves Script and DLL rules in audit mode is bypassed through those collections instead.
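The check a practitioner wants here is whether the policy the session host actually enforces says Allowed or Denied for each LOLBin, and what the corrective rule looks like. The following PowerShell is an added example, not Precursor's tooling or the page's own code: it asks the effective AppLocker policy what it would decide for a list of LOLBAS binaries and writes path-based Deny rules for the ones it allows. The account name is a placeholder, and the binary list is illustrative rather than the full catalogue.

```powershell
# Added example (not Precursor's tooling): check whether the effective AppLocker policy on this
# session host would let the restricted account run common LOLBAS binaries, then write path-based
# Deny rules for those it allows. Assumes the AppLocker PowerShell module (Windows 10/11, Server
# 2016+); the account name below is a placeholder for your test user.

$TestUser = 'CORP\vdi-restricted-user'   # assumption: the restricted account used for the engagement

# Windows-shipped binaries routinely used for breakout and AppLocker bypass (illustrative subset).
$LolBins = @('certutil.exe', 'mshta.exe', 'regsvr32.exe', 'rundll32.exe', 'wscript.exe',
             'cscript.exe', 'msbuild.exe', 'installutil.exe', 'bash.exe', 'wsl.exe')

# Where those binaries live on a 64-bit host; Test-AppLockerPolicy needs real files to evaluate.
$SearchRoots = @("$env:SystemRoot\System32",
                 "$env:SystemRoot\Microsoft.NET\Framework64\v4.0.30319")

# AppLocker is only enforced while the Application Identity service runs; if it is stopped,
# every rule below is academic and that is the first finding.
"AppIDSvc status: $((Get-Service -Name AppIDSvc).Status)"

function Get-LolBinDecisions {
    $paths = foreach ($bin in $LolBins) {
        foreach ($root in $SearchRoots) {
            $p = Join-Path $root $bin
            if (Test-Path -LiteralPath $p) { $p }
        }
    }
    # -Effective merges the local policy with every applied GPO: what the host actually enforces.
    $policy = Get-AppLockerPolicy -Effective
    Test-AppLockerPolicy -PolicyObject $policy -Path $paths -User $TestUser
}

function New-DenyRuleXml {
    param([string[]]$AllowedPaths)
    # AppLocker path conditions use %WINDIR% rather than the literal drive letter.
    $rules = foreach ($p in $AllowedPaths) {
        $rel  = $p.Replace($env:SystemRoot, '%WINDIR%')
        $name = 'Deny LOLBin ' + (Split-Path -Leaf $p)
@"
    <FilePathRule Id="$([guid]::NewGuid())" Name="$name" Description="Added by VDI hardening review" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions>
        <FilePathCondition Path="$rel" />
      </Conditions>
    </FilePathRule>
"@
    }
@"
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="Enabled">
$($rules -join "`n")
  </RuleCollection>
</AppLockerPolicy>
"@
}

$decisions = Get-LolBinDecisions
$decisions | Select-Object FilePath, PolicyDecision, MatchingRule | Format-Table -AutoSize

# With only the default rules ("All files located in the Windows folder" for Everyone), every one
# of these comes back Allowed. Anything not explicitly Denied is a usable breakout primitive.
$allowed = $decisions | Where-Object { $_.PolicyDecision -notin 'Denied', 'DeniedByDefault' } |
           Select-Object -ExpandProperty FilePath

if ($allowed) {
    $xmlPath = Join-Path $env:TEMP 'lolbin-deny.xml'
    New-DenyRuleXml -AllowedPaths $allowed | Set-Content -Path $xmlPath -Encoding UTF8
    "Wrote $(@($allowed).Count) Deny rule(s) to $xmlPath; review them, then merge with:"
    "  Set-AppLockerPolicy -XmlPolicy '$xmlPath' -Merge                              # local policy"
    "  Set-AppLockerPolicy -XmlPolicy '$xmlPath' -Merge -Ldap '<GPO LDAP path>'      # domain GPO"
}
```

Run it from the restricted session, not an admin workstation, so the Effective policy is the one the session host applies. Two caveats: a path-based Deny is defeated if the user can copy the binary into any location an Allow rule covers (writable subfolders of C:\Windows are the usual culprit), so publisher-based Deny rules on the binary name are the stronger form; and the Exe collection is only one of five, so repeat the exercise for Script, DLL and MSI rules before calling the policy hardened.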
Privilege Escalation
After breakout, we attempt to escalate from standard user to SYSTEM on the session host: unquoted service paths, misconfigured scheduled tasks, writable service binaries, and writable directories on a service's or task's search path are all assessed. Credential harvesting from LSASS follows once SYSTEM is obtained, and on a multi-user session host that memory typically holds logon material for every other user currently signed in, not just the test account.
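As an added example (not Precursor's tooling or the page's own code), the script below performs the read-only part of that triage from the standard-user shell obtained after breakout: it lists services with an unquoted path whose hijack directory the current user can write to, service binaries the user can overwrite, and enabled scheduled tasks whose executable the user can overwrite. Nothing is modified, and the LSASS step is deliberately absent because it needs SYSTEM first.

```powershell
# Added example (not Precursor's tooling): read-only privilege-escalation triage of a session host
# for the service and scheduled-task misconfigurations described above. Assumes Windows PowerShell
# 5.1+ and the ScheduledTasks module (Windows 8 / Server 2012 and later). No admin rights needed.

# Rights that let the caller replace a file or drop a file into a directory.
$WriteMask    = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Write, Modify, FullControl'
$GenericWrite = 0x40000000 -bor 0x10000000   # GENERIC_WRITE | GENERIC_ALL, seen on some inherited ACEs

function Test-WritableByCurrentUser {
    param([Parameter(Mandatory)][string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) { return $false }
    $token  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $mySids = @($token.User) + @($token.Groups)        # every SID an ACE can match for this user
    try { $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop } catch { return $false }
    # ACEs arrive in canonical order (explicit Deny before Allow), so the first match decides.
    foreach ($ace in $acl.Access) {
        try { $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]) }
        catch { continue }                             # unresolvable (orphaned) identity, skip
        if ($mySids -notcontains $sid) { continue }
        $rights   = [int]$ace.FileSystemRights
        $canWrite = (($rights -band [int]$WriteMask) -ne 0) -or (($rights -band $GenericWrite) -ne 0)
        if ($canWrite) { return ($ace.AccessControlType -eq 'Allow') }
    }
    return $false
}

function Get-ExecutableFromCommandLine {
    param([Parameter(Mandatory)][string]$CommandLine)
    $cl = [Environment]::ExpandEnvironmentVariables($CommandLine.Trim())
    if ($cl.StartsWith('"')) {
        $end = $cl.IndexOf('"', 1)
        if ($end -gt 1) { return $cl.Substring(1, $end - 1) }
    }
    if ($cl -match '^(.+?\.exe)') { return $Matches[1] }   # first .exe token; arguments follow it
    return ($cl -split ' ')[0]
}

function Get-UnquotedServicePath {
    foreach ($svc in Get-CimInstance Win32_Service) {
        $p = $svc.PathName
        if (-not $p -or $p.StartsWith('"')) { continue }
        $exe = Get-ExecutableFromCommandLine $p
        if ($exe -notmatch ' ') { continue }               # no space before the .exe: not exploitable
        # The SCM tries each space-delimited prefix as a program: C:\Program.exe, C:\Program Files\My.exe, ...
        $parts = $exe.Split(' ')
        for ($i = 1; $i -lt $parts.Count; $i++) {
            $candidate = ($parts[0..($i - 1)] -join ' ') + '.exe'
            $dir = Split-Path -Parent $candidate
            if ($dir -and (Test-WritableByCurrentUser $dir)) {
                [pscustomobject]@{ Service = $svc.Name; RunsAs = $svc.StartName; Path = $p; DropHere = $candidate }
            }
        }
    }
}

function Get-WritableServiceBinary {
    foreach ($svc in Get-CimInstance Win32_Service) {
        if (-not $svc.PathName) { continue }
        $exe = Get-ExecutableFromCommandLine $svc.PathName
        if (Test-WritableByCurrentUser $exe) {
            [pscustomobject]@{ Service = $svc.Name; RunsAs = $svc.StartName; Binary = $exe }
        }
    }
}

function Get-WritableScheduledTaskBinary {
    foreach ($task in Get-ScheduledTask | Where-Object State -ne 'Disabled') {
        foreach ($action in $task.Actions) {
            if (-not $action.Execute) { continue }         # COM-handler actions have no Execute
            $exe = Get-ExecutableFromCommandLine $action.Execute
            if (Test-WritableByCurrentUser $exe) {
                [pscustomobject]@{ Task = $task.TaskPath + $task.TaskName; RunsAs = $task.Principal.UserId
                                   RunLevel = $task.Principal.RunLevel; Binary = $exe }
            }
        }
    }
}

# RunsAs of LocalSystem (services) or SYSTEM (tasks) means a hit is a direct path to SYSTEM.
'== Unquoted service paths with a writable hijack directory =='; Get-UnquotedServicePath | Format-Table -AutoSize
'== Service binaries writable by the current user ==';            Get-WritableServiceBinary | Format-Table -AutoSize
'== Scheduled task binaries writable by the current user ==';     Get-WritableScheduledTaskBinary | Format-Table -AutoSize
```

The unquoted-path check goes one step further than the usual one-liner: an unquoted path is only exploitable if the user can write to a directory where one of the truncated candidates would land, so each candidate's parent is tested rather than just flagging the service. Writable directories on a service's own folder (DLL hijacking) are the natural next check and use the same Test-WritableByCurrentUser helper.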
Internal Network Pivot
The session host, Citrix or otherwise, sits inside your corporate perimeter. Once we have OS-level access, we use the server as a jumpbox to scan internal subnets, attack Active Directory domain controllers, enumerate file shares, and pivot to systems that no external attacker should reach. This is where a breakout test becomes an internal network penetration test.
Clipboard and Drive Mapping
Clipboard redirection between the VDI session and the local endpoint is tested for unrestricted data transfer. Client drive mapping and USB redirection policies are assessed alongside DLP controls at the session boundary. Sensitive data including credentials, patient records, and financial documents can be exfiltrated passively when these channels are misconfigured.
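For RDS and AVD session hosts, the redirection channels are governed by a handful of fDisable* registry values that Group Policy writes under the Terminal Services policy key, with per-listener defaults under the RDP-Tcp WinStation key. The script below is an added example (not Precursor's tooling or the page's own code) that reads both layers from inside the session and reports which channels are open. It assumes a Windows session host; Citrix CVAD governs the same channels through Citrix policies rather than these values.

```powershell
# Added example (not Precursor's tooling): audit RDS / AVD session-host redirection channels from
# the session itself. Group Policy stores each "Do not allow ... redirection" setting as a DWORD
# under the Terminal Services policy key (1 = blocked); the RDP-Tcp listener key holds the
# non-policy default. Assumes a Windows session host; Citrix uses its own policy engine.

$PolicyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$DefaultKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# Value name -> channel. GPO path: Computer Configuration > Administrative Templates > Windows
# Components > Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection
$Channels = [ordered]@{
    fDisableClip     = 'Clipboard'
    fDisableCdm      = 'Client drive mapping'
    fDisablePNPRedir = 'Plug and Play device redirection'
    fDisableCcm      = 'COM port redirection'
    fDisableLPT      = 'LPT port redirection'
}

function Get-RedirectionState {
    foreach ($name in $Channels.Keys) {
        $policy  = (Get-ItemProperty -Path $PolicyKey  -Name $name -ErrorAction SilentlyContinue).$name
        $default = (Get-ItemProperty -Path $DefaultKey -Name $name -ErrorAction SilentlyContinue).$name
        # The GPO value wins over the listener default; no value at all leaves the channel open.
        # If the listener key is not readable from this account, only the GPO layer is reported.
        $source = if ($null -ne $policy) { 'GPO' } elseif ($null -ne $default) { 'Listener default' } else { 'Not set' }
        $effective = if ($null -ne $policy) { $policy } elseif ($null -ne $default) { $default } else { 0 }
        [pscustomobject]@{
            Channel = $Channels[$name]
            Value   = $name
            Source  = $source
            Blocked = ($effective -eq 1)
        }
    }
}

Get-RedirectionState | Format-Table -AutoSize
```

Any row with Blocked = False is a channel to test for data transfer. The corrective settings are the matching "Do not allow Clipboard redirection" and "Do not allow drive redirection" GPO entries on the session host; for AVD the host pool's custom RDP properties (for example `redirectclipboard:i:0;drivestoredirect:s:;`) must agree with them, and for Citrix the equivalents are the "Client clipboard redirection", "Client drive redirection" and "Client USB device redirection" policy settings set to Prohibited.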
Session Hijacking and Isolation
Disconnected VDI sessions that are not terminated properly can be resumed by unauthorised users. We test session token management, idle timeout enforcement, and multi-user session isolation on shared host pools. AVD deployments using pooled host pools are tested for cross-user process and profile data leakage.
How the Engagement Works
Testing can be conducted during business hours using only a standard user account. No disruption to production sessions. No privileged access required.
Access Provisioning
You create a standard restricted user account. We connect via your Citrix Gateway, Horizon Connection Server, or AVD portal exactly like a remote user. No VPN, no admin access, no agents.
Breakout Attempt
Systematic testing of every escape vector: file dialog exploitation, keyboard shortcuts, COM object invocation, LOLBin execution, AppLocker bypass, and browser abuse. 2 to 3 days of active testing.
Post-Exploitation
After breakout, we escalate privileges, harvest credentials, enumerate the internal network, and pivot to domain controllers. We stop at agreed scope boundaries.
Hardening Report
Full technical report with CVSS-scored findings, executive summary, and a remediation guide containing specific GPO configurations, AppLocker rules, and Citrix policy settings.
What You Get
Every VDI breakout engagement includes the following deliverables, formatted for both technical teams and non-technical stakeholders.
Reports are delivered via encrypted portal with role-based access.
When Do Organisations Commission This Test?
VDI breakout testing is typically triggered by one of these six scenarios. If any of these apply, you are in the right place.
Pen Test Flagged Untested VDI
A previous penetration test report identified your VDI environment as out of scope. The board wants it tested before the next audit cycle.
New Published Apps Since Last Hardening
Your team has added published applications, changed GPO inheritance, or updated AppLocker policies since the original VDI build. Drift happens.
Migrating to AVD or VMware Horizon
You are moving from on-premises Citrix to Azure Virtual Desktop or VMware Horizon and need independent validation before go-live.
Third-Party or Contractor Access via VDI
External vendors and contractors connect to your network through Citrix or VDI. You need assurance that the session boundary actually holds.
Compliance Audit Approaching
PCI DSS Requirement 11.3 (11.4 in PCI DSS v4.0), NHS DSPT, or ISO 27001:2013 A.12.6 (A.8.8 in ISO 27001:2022) requires independent testing of systems in scope. Your VDI environment processes regulated data.
Kiosk or Shared Terminal Deployment
Retail PoS, NHS check-in terminals, or public-sector self-service kiosks running in restricted mode. Physical access is a given. The question is whether the restriction holds.
Transparent pricing.
Fixed-price quotes after a free scoping call. No day-rate surprises.
Single-Platform Assessment
Citrix CVAD, VMware Horizon, or Microsoft RDS
Azure Virtual Desktop
AVD host pool isolation, FSLogix, session boundary testing
Multi-Platform / Enterprise
Multiple VDI platforms, complex AppLocker, multiple user roles
Close the Loop.
After the Test.
Post-breakout, an attacker is inside your perimeter. These services cover what happens next: hardening the image, monitoring the sessions, and testing the network beyond the VDI boundary.
Internal Network Pentest
Full scope after breakout. Lateral movement, AD attacks, segmentation testing.
AD Security Assessment
Domain compromise paths, Kerberoasting, credential harvesting.
Managed Detection & Response
24/7 VDI session monitoring with custom detection rules.
Configuration Reviews
GPO and AppLocker policy audit against industry standard benchmarks.
Full Penetration Testing Catalogue
Comprehensive penetration testing services tailored to your environment.
Internal Testing
Post-perimeter assessments targeting Active Directory, lateral movement, privilege escalation, and segmentation validation from inside your network.
The best time to test your defences is now.
Join the high-growth companies relying on Precursor for continuous offensive and defensive security.
Frequently Asked Questions
Common questions about this service, methodologies, and deliverables.
How much does Citrix and VDI breakout testing cost?
Citrix and VDI breakout testing typically costs between £3,750 and £6,250 depending on environment complexity and number of published applications. A standard Citrix or VMware Horizon assessment averages £3,750 for 3 days of testing covering desktop breakout attempts, AppLocker bypass, clipboard and drive mapping abuse, and privilege escalation. Complex environments with multiple published applications, different user roles, or Azure Virtual Desktop (AVD) typically cost £5,000 to £6,250. All pricing includes a full technical report and hardening guide. We provide fixed-price quotes after understanding your VDI architecture.
Do you need admin access or a VPN connection to test?
No. You create a test user account with the same restrictions as a standard third-party or remote user and provide us with credentials. We access it remotely via your Citrix Gateway, VMware Horizon Connection Server, or Azure Virtual Desktop portal, exactly like a normal user. No VPN, no admin access, no agents installed.
Do you test all VDI platforms?
Yes. We test Citrix Virtual Apps and Desktops (CVAD), VMware Horizon, Azure Virtual Desktop, and Microsoft Remote Desktop Services (RDS). Each platform has platform-specific breakout vectors. Azure Virtual Desktop, for example, does not use traditional kiosk mode, so our testing adapts accordingly. Multi-platform environments are priced based on the number of distinct session host configurations.
Is the testing disruptive to production?
It is low risk. Breakout techniques are local to the test session and do not affect other users. If we successfully break out and begin scanning the internal network, this generates traffic that could trigger IDS alerts. We coordinate the post-exploitation phase closely with your team and stop at agreed scope boundaries.
We already block cmd.exe and PowerShell. Is that enough?
Disabling cmd.exe is not enough. Attackers bypass AppLocker using signed Microsoft binaries (LOLBins) such as certutil, mshta, regsvr32 and rundll32, and execute code through PowerShell constrained language mode escapes, WScript, WSL Bash, or Windows Explorer itself. Blocklisting individual executables fails against an attacker who knows the LOLBAS catalogue, and an allowlist that enforces only the Exe rule collection fails the same way through scripts and DLLs. We test whether your allowlisting policy holds against the full spectrum of bypass techniques.
What is in the report?
The deliverable is a full technical report documenting every breakout technique attempted, the result of each attempt (successful breakout, partial restriction bypass, or blocked), CVSS-scored findings, and a remediation guide with specific GPO configurations, AppLocker policy rules, and Citrix session policy settings. The executive summary is written for non-technical stakeholders. The report format is accepted by ISO 27001 auditors, Cyber Essentials assessors, and risk committees. We can provide a sample report structure before engagement.
How long does the engagement take?
A single-platform engagement (Citrix, VMware Horizon, or RDS) takes 2 to 3 days of active testing. Multi-platform or enterprise assessments with complex AppLocker policies and multiple published application pools take 3 to 5 days. Testing requires only a standard user account and internet access to your Citrix Gateway or Horizon Connection Server. No disruption to production sessions.
Can you test kiosk-mode deployments?
Yes. We extend our VDI breakout methodology to Windows Assigned Access (single-app kiosks), Shell Launcher configurations, and any restricted session environment. These are common in retail point-of-sale, NHS patient check-in kiosks, and public-sector self-service terminals. Testing covers AppLocker bypass, keyboard shortcut exploitation, accessibility feature abuse, and boot device access. Kiosk testing can be added to a standard Citrix/VDI breakout engagement or scoped as a standalone assessment.
What is kiosk mode breakout testing?
Kiosk mode breakout testing assesses Windows environments configured to restrict users to a single application or locked-down desktop interface. Common examples include public-facing terminals, shared workstations, and restricted contractor access environments. We test whether an attacker with physical or remote access to a kiosk-mode session can escape to a standard Windows desktop, execute arbitrary code, or access resources outside the intended application scope. Techniques include keyboard shortcut exploitation, Sticky Keys bypass, URI handler abuse, and accessibility feature abuse.
Which compliance frameworks require VDI breakout testing?
No framework mandates VDI breakout testing by name, but several create the audit condition that makes it necessary. PCI DSS Requirement 11.3 (Requirement 11.4 in PCI DSS v4.0, penetration testing of in-scope systems) applies to any VDI environment used to access cardholder data. NHS DSPT mandates independent security testing for systems processing patient data, which includes Citrix-delivered clinical applications. ISO 27001:2013 A.12.6 (technical vulnerability management, A.8.8 in ISO 27001:2022) requires technical vulnerabilities in all in-scope systems to be identified and addressed, and auditors expect that to cover virtualised environments. CREST-accredited testing is accepted as meeting the independent assessment requirement across all three frameworks.