ParrotSec: Part 1 (Introduction)
Good day again, fellow hackers! It has been a while since my last post, but I am back now with a new series on a very cool operating system that, I think, will throw Kali Linux out of business when it comes to hacking from a desktop PC or a laptop/notebook. That operating system is called Parrot Security OS, or "ParrotSec" for short.
While I still like Kali for ARM environments (like the Raspberry Pi) or as a chroot OS on my Android device (I will make a tutorial on that in the future), I still believe none of you should choose Kali blindly just because most of the tutorials on here are written for it.
While Kali has let me down a few times (the many bugs in Kali 2.0, for example...), ParrotSec hasn't failed me yet. I've been using it for about 6 months now, and I only encountered one bug in that entire time, which was the display manager not working after a system upgrade.
Yesterday, ParrotSec 2.0 (nicknamed "Helium") has been released, as a reaction to Kali 2.0. Kali 2.0 felt a bit rushed to me and had quite a few bugs, I didn't encounter a bug with ParrotSec 2.0 yet. So I think that now is the right time to make a series on ParrotSec and it's features.
Note: AppleDash48 already wrote an article on Parrot, but he didn't really explain how the many features can be used, which is what I am hoping to do with this (probably 4-part) series.
ParrotSec is a very friendly pentesting distro and it is really suited for everyone! For the newbie, there is the cool theme and many automated features. The more experienced will love to have some of the must-have tools pre-installed with the OS, and many more available through the repositories. But it is also suitable for everyday use because it is closely based on Debian 8.
ParrotSec has a custom made Linux 4.1 kernel and is based on Debian 8. It uses the MATE dekstop environment, and "lightdm" as it's display manager. ParrotSec also comes with it's own theme.
That's it for the specifications of the OS, let's have a look at what features it has that Kali DOESN'T have!
- Anti-Forensic tools. This is the thing that makes ParrotSec so useful. ParrotSec has many built-in anti-forensic tools. One of the most useful ones being a script called TCCP, which allows you to encrypt a single file, a partition, or even entire drives! furthermore, it also comes pre-installed with tools such as ZuluCrypt, and it has even more anti-forensic tools in the repositories.
- Pandora's Box. This is a really useful tool. Each time you shut down your computer, the data in your RAM is "lost", but in reality it is still there. It kind of works like how files are being deleted in a hard drive. And just like you can recover deleted files, a forensic investigator can recover the data in your RAM, which gives away info on what programs you ran, what you did with those programs, what sites you might've visited, etc..
Pandora's Box is a tool that removes everything your OS stored in the RAM during your session, and it runs automatically at shutdown, or you can choose to run it manually, though that is not recommended.
- RAM-only surfing. Another neat feature: ParrotSec has a special browser that allows you to surf with a "RAM-Only browser profile", which means iceweasel will not access your hard drive. This is really great if you need to look something up that absolutely nobody may see. While it is true that RAM-Only surfing leaves traces in the RAM, you shouldn't worry, because we have Pandora's Box!
- Anonsurf. This is some kind of script made by the ParrotSec team that completely anonymizes you with just one click of a button, using TOR (though i don't like TOR anymore). Anonsurf automatically routes ALL your traffic through TOR, including your DNS requests to prevent DNS leaks.
I have been trying to get Anonsurf to work with I2P, but i am not close yet. I'll let you all know once i succeeded in it.
- TOR and I2P out of the box Another thing why I hate Kali: TOR and I2P don't come out of the box.
- And a lot more.
- How to set up Parrot.
- How to encrypt a file, a directory, a partition, or an entire drive using TCCP and ZuluCrypt.
- How to use Anonsurf and other anonymity tools.
This is it for this part guys. This will be a short series, and probably a not so useful one. But I really want you guys to discover this amazing OS.