ParrotSec: Part 1 (Introduction)

Part 1 (Introduction)

ParrotSec: Part 1 (Introduction)

Good day again, fellow hackers! It has been a while since my last post, but I am back now with a new series on a very cool operating system that, I think, will throw Kali Linux out of business when it comes to hacking from a desktop PC or a laptop/notebook. That operating system is called Parrot Security OS, or "ParrotSec" for short.

While I still like Kali for ARM environments (like the Raspberry Pi) or as a chroot OS on my Android device (I will make a tutorial on that in the future), I still believe none of you should choose Kali blindly just because most of the tutorials on here are written for it.

While Kali has let me down a few times (the many bugs in Kali 2.0, for example...), ParrotSec hasn't failed me yet. I've been using it for about 6 months now, and I only encountered one bug in that entire time, which was the display manager not working after a system upgrade.

Yesterday, ParrotSec 2.0 (nicknamed "Helium") has been released, as a reaction to Kali 2.0. Kali 2.0 felt a bit rushed to me and had quite a few bugs, I didn't encounter a bug with ParrotSec 2.0 yet. So I think that now is the right time to make a series on ParrotSec and it's features.

Note: AppleDash48 already wrote an article on Parrot, but he didn't really explain how the many features can be used, which is what I am hoping to do with this (probably 4-part) series.

Image via parrotsec.org

Who Can Use ParrotSec?

ParrotSec is a very friendly pentesting distro and it is really suited for everyone! For the newbie, there is the cool theme and many automated features. The more experienced will love to have some of the must-have tools pre-installed with the OS, and many more available through the repositories. But it is also suitable for everyday use because it is closely based on Debian 8.

The Specs & Features

ParrotSec has a custom made Linux 4.1 kernel and is based on Debian 8. It uses the MATE dekstop environment, and "lightdm" as it's display manager. ParrotSec also comes with it's own theme.

That's it for the specifications of the OS, let's have a look at what features it has that Kali DOESN'T have!

  • Anti-Forensic tools. This is the thing that makes ParrotSec so useful. ParrotSec has many built-in anti-forensic tools. One of the most useful ones being a script called TCCP, which allows you to encrypt a single file, a partition, or even entire drives! furthermore, it also comes pre-installed with tools such as ZuluCrypt, and it has even more anti-forensic tools in the repositories.
  • Pandora's Box. This is a really useful tool. Each time you shut down your computer, the data in your RAM is "lost", but in reality it is still there. It kind of works like how files are being deleted in a hard drive. And just like you can recover deleted files, a forensic investigator can recover the data in your RAM, which gives away info on what programs you ran, what you did with those programs, what sites you might've visited, etc..

Pandora's Box is a tool that removes everything your OS stored in the RAM during your session, and it runs automatically at shutdown, or you can choose to run it manually, though that is not recommended.

  • RAM-only surfing. Another neat feature: ParrotSec has a special browser that allows you to surf with a "RAM-Only browser profile", which means iceweasel will not access your hard drive. This is really great if you need to look something up that absolutely nobody may see. While it is true that RAM-Only surfing leaves traces in the RAM, you shouldn't worry, because we have Pandora's Box!
  • Anonsurf. This is some kind of script made by the ParrotSec team that completely anonymizes you with just one click of a button, using TOR (though i don't like TOR anymore). Anonsurf automatically routes ALL your traffic through TOR, including your DNS requests to prevent DNS leaks.

I have been trying to get Anonsurf to work with I2P, but i am not close yet. I'll let you all know once i succeeded in it.

  • TOR and I2P out of the box Another thing why I hate Kali: TOR and I2P don't come out of the box.
  • And a lot more.

What This Series Will Cover:

  1. How to set up Parrot.
  1. How to encrypt a file, a directory, a partition, or an entire drive using TCCP and ZuluCrypt.
  1. How to use Anonsurf and other anonymity tools.

Conclusion

This is it for this part guys. This will be a short series, and probably a not so useful one. But I really want you guys to discover this amazing OS.

-Phoenix750

43 Comments

a little side note: for those who want to visit their homepage and already download parrot, you can go here.

-Phoenix750

When will the next tut ?

Competition is good, glad someone is posting on how to use a different OS also.

Kali is a good and reliable OS, but it misses out on a lot of things. Something I hope to point out in this series.

-Phoenix750

I agree. Besides the VM I have at college I actually use ZorinOS with different tools installed mainly because I don't like the stock Gnome look and feel, but also because I find myself installing stuff on Kali alot so I built my own with almost all the tools that sounded slightly useful to me.

And it's italian!

now, don't get too patriotic, Ciuffy! though i must say you Italians did a great job.

So I'm looking to install parrotsec but I'm wondering if I should download the standard version or the full version.

that depends on your needs. if you are just a beginner, you should go with the standard edition. if you are more advanced AND have enough space on your hard drive, you should go for the full version.

take note that at this date (16/09/2015), the ParrotSec team is still testing if all the tools work on their OS, so right now only the standard edition is availible.

Another note: you can always install the full version of parrot on a standard edition using:

apt get update && apt-get install tools-parrot-full

-Phoenix750

Look forward to the rest of this series. Think I'll download this now and have a poke around. Thanks.

This sounds like a great idea, Pheonix!
I would also encourage other users to explore different flavors of Linux.

Question: What is your favorite setup?

When I ask this I am asking how you prefer to run parrot, whether that be on a virtual machine, a usb live boot, a raspberry pi, etc. Also, what wireless cards do you use when you boot the raspberry pi version of parrot?

Once again fantastic idea for a post.
+1

I run parrot on a second 320GB hard drive in installed in my computer and i dual boot with Windows 10 using GRUB 2. i use Parrot 99% of the time though.

i use the Alfa adapter for my raspberry.

-Phoenix750

I am so excited about this serie. I was already searching for new sec-testing os after the kali 2.0 crashed on my computer. So I am really happy that you showed me something I have ever seen yet.

I am sorry for my bad English. It is my third language.

thanks alot phoenix.

got ios version.really appreciate your stuff.

This is great. I needed an intro to parrotsec I don't know much about it. Kudos!

ParrotSec seem Good but is there any different between Kail Linux and Parrotsec Commands ? and if there how can I get ParrotSec Commands ? "I know it is silly Question But I am newbie :D "

The similar tools should have the same commands. Obviosuly if one Distro has a tool and the other doesn't than the commands would not work unless you install it. Both based on Debian so you should be fine installing them.

agreed.

-Phoenix750

Sold!! Downloading right now!

How about support/repos/updates. 14th there was 2.0 release, today you can update parrot to 2.0.1 version. But for example aircrack-ng pocket is older than in Kali (mon0 instead of wlan0mon) and stuff like that. Newer tools are better, despite of having some bugs, new weapon can baypass newer security tricks. But I like it.

the reason the ParrotSec team has some old tools still in their repos is because of compatibility. they usually update these tools after a week or 2, together with an OS update.

-Phoenix750

OK. Thanks a lot!

I really like the GUI of ParrotSec, it so fancy.
Besides that, I really liked the custom fork like airemode etc etc.
Im seeing forward on your posts about parrotsec!

Well there are some good news !! I was about to install Kali for my debut in hacking, but it seems that I'l end up with Parrot. It will save me almost 2 Go of download. Thank you sir !!!

I just have a couple of questions :
1- Why don't you like Tor anymore ? (nice rhyme...)
2- Does Parrot come with SET out of the box ?

  1. TOR has been compromised by the NSA some time ago.
  1. Parrot comes with SET out of the box.

-Phoenix750

What is SET? I did a quick google search that doesn't help

Sorry for the late reply. SET is the Social Engineering Toolkit.

-Phoenix750

Rustin:

Welcome to Null Byte!

As a beginner, I still recommend Kali 1.1 as the tutorials here wil be useing it and not Parrot.

Thanks, mate !

But the tutorials are mostly about the tools, not the OS. How would it be harder in Parrot ?

it will mostly be the same.

But if you are a newbie, i too recommend Kali 1.1, but almost all tutorials work on Parrot aswell.

-Phoenix750

I was having so much trouble with Kali 2. Most of the time it wouldn't even shutdown properly. Parrot OS is a godsend. Works perfectly. Thanks for the post.

Hey Phoenix750, I decided to install ParrotSec. But when it come to install the VBoxAdditions it says to me that I don't have the administrator privileges ! How do I do please ? Thanks :)

try putting "sudo" in front of your commands.

-Phoenix750

Besides DNS leaks, what are other things that threaten privacy, such as Javascript maybe?

Javascript and any other form of web scripting can be fatal. and browser exploits. And don't forget malicious software!

-Phoenix750

Apart from a VM, Im running kali 2 on a, persistent LUKS live USB 3.0, on my 2015 MB-air, this makes for 2 problems.

  1. Booth up is succesfull only 50% of the time, so several reboots necessary.
  2. Kali lags severely, when encrypted on USB and is pretty annoying.

Would any of these issues be resolved if using Parrot you think?

BR - MG

It is worth giving a try. But try doing a SMART reading of your drive to ensure your drive is still in a good shape.

-Phoenix750

Thanks for the quick reply. :)

About the SMART reading, are your referring to a general thing to do or thinking it might be a drive issue thats the reason for my problems?

I have tried the setup on 3 different USB drives, same result...

BR- MG

A SMART reading is a kind of test that checks if there are errors in your drive. The handy Windows tool called SpeedFan is excellent for this.

-Phoenix750

Ok thanks :), but since its persistent across several usb´s I wouldt expet that to be the case, and others report the same speed problems. But ill try Parrot and see if it performs better, thanks for your time.

BR MG

I'm a little late to the party, but I'm glad you made this series. Thanks Phoenix!

hey,
i can't get anonsurf running via wifi.
neither on p2.0 ,p3.0 nor on kali rolling.
eth0 is no problem, runs very well.
is anonsurf or tor meant to be run via ethernet and not via wifi???
do i need to config proxy?
any suggestions?
thnx for inspiration.

Where can I find tutorials of "Parrot Sec OS" tools?
I wanna learn more about it? and I am newbie.

Share Your Thoughts

  • Hot
  • Latest