parrot desktop 7b08d47a50369a88eacccb8b38084697

Table of Contents

 

What is ParrotOS?

Parrot Security (ParrotOS, Parrot) is a Free and Open source GNU/Linux distribution based on Debian Stable designed for security experts, developers and privacy aware people.

It includes a full portable arsenal for IT security and digital forensics operations. It also includes everything you need to develop your own programs or protect your privacy while surfing the net.

Parrot is available in three main editions, Security, Home and Architect Edition, even as Virtual Machine (Virtual Box, Parallels and VMware), on Raspberry Pi and also on Docker.

The operating system ships by default with MATE Desktop Environment, but it is possible to install others DEs.

Parrot Security 6.0 “Lorikeet” with MATE Desktop

History and Team

The first public release appeared on April 10th, 2013 as the result of the work of Lorenzo Faletra who continues to lead development.

Originally developed as part of Frozenbox (a community forum by the same creator of Parrot), the effort has grown to include a community of open source developers, professional security experts, advocates of digital rights, and Linux enthusiasts from all around the globe.

The project is headquartered in Palermo, Italy and governed by Parrot Security CIC, a community interest company registered in the UK.

Why “Parrot”?

Because it was born as a game, and every pirate of the seven seas needs a parrot on his shoulders if he wants to board the galleons with his crew of jailbird filibusters.

Who is it designed for

The system is designed to be familiar for the security expert and easy to use for the new entry student, but it does not try to hide its internals as other general purpose distributions try to do.

Parrot can be used as a daily system. It provides all the programs for the day to day tasks, including a dedicated edition of the system (Parrot Home Edition) that doesn’t include security tools.

Software Management

The system has its own applications repository including all the packages supported by Debian, plus many other applications and tools Debian can’t provide yet. All of them are accessible directly from the APT package manager.

Additionally, Parrot supports Snap, a package distribution system that provides easy access to many other programs that GNU/Linux distributions don’t always ship in their software archives.

Flatpak is a universal software store similar to Snap. It can be installed from the Parrot official repository.

Also Parrot supports Wine, a compatibility layer to run Windows applications in GNU/Linux environments.

Should I use Parrot?

Why Parrot is different

Even if we would like everyone to use the Parrot System or, at least, give it a try, there are some important considerations to make about who we expect to use Parrot and who may have a bad experience from it.

First of all, even if Parrot provides general purpose flavors, its core is still tuned for Security and Forensics operations. In this section we will explain how different Parrot is compared to other general purpose distributions and how different it is from other Pentest and Forensics distributions. Then we will present some categories of people and what kind of experience they may have by using this system.

General purpose distributions

Parrot is different from a general purpose distribution (i.e. Ubuntu) because it does not try in any way to hide its internals.

Meaning that many automation tools are included in the system to make it easier to use, yet expose quite well what the system has under the hood.

A good example is the parrot update reminder: it is a simple yet powerful program that prompts the user to check for system upgrades once a week. but instead of hiding the upgrade process behind a progress bar, it shows the user the full upgrade process from the apt output.

Another important difference is that Parrot disables by default all the network services pre-installed in the system, not only to maintain a very low RAM footprint and offer better performance, but also to avoid services exposure in a target network. Every network service needs to be manually started when the user needs it.

Pentest distributions

Pentest distributions are famous for integrating only security tools, allowing easy root access and taking down all the security system barriers that may influence the workflow of a pentester.

Parrot was designed to be a very comfortable environment for security experts and researchers. It includes many basic programs for daily use which pentesting distributions usually exclude (at the cost of less than an additional gigabyte of storage). This choice was taken to make Parrot not only a good system to perform security tests, but also a good environment where you can write reports, build your own tools, and communicate seamlessly with teammates, without the need for additional computers, operating systems or configuration.

Our goal is to allow any professional pentester to make a whole security test from the beginning, to the report with just a Parrot ISO and an average laptop.

Secure distributions

Parrot Security ships with custom hardening profiles and configurations for AppArmor and other linux hardening technologies, and takes inspiration from the success of other projects that deliver the highest level of security in the GNU/Linux scenario, like Tails and Whonix to sandbox the system and deliver a layer of security above the average.

All this additional security comes with a cost: it is harder to adopt bad behaviors on Parrot. For instance it is not possible to log in as root with the whole desktop environment, or to start critical applications like browsers, media players or advanced document readers with unnecessary privileged permissions.

The user can still open root consoles, launch security tools with privileged permissions and use the system without limits. The only thing that changes is that all the critical user applications are now protected from very bad behaviors and common exploit techniques, or even zero-days, and the damages caused by advanced exploits are very limited.

Forensics distributions

Digital forensics experts need an environment that does not compromise their evidence.

Parrot comes with automount functions disabled by default, to allow forensics acquisitions to be performed in a safe way. The global automount policy is configured in a redundant way in all the layers of the system stack, from the noautomount kernel option passed by default at boot, to the specific file manager settings to disable auto mount and plug & play features.

Don’t forget that the disks are still recognized by the system, and the system will mount them without protections if the user accidentally open them.

The no-automount behavior is consistent and stable, but no protection is provided in case of accidental mounts. A write blocker is always recommended in any digital forensics scenario.

In summary, Parrot is made for:

  • Security Experts
  • Digital forensics experts
  • Computer Science/Engineering Students
  • Researchers
  • Wannabe Hackers
  • Software developers

What is GNU/Linux?

GNU/Linux is an operating system built over the years thanks to the contributions of many developers around the world. Few of its peculiarities will be described here.

Free Software

“Free software” is software that respects the freedom of users and their community. Broadly speaking, it means that users have the freedom to run, copy, distribute, study, modify, and improve the software. In other words, “free software” is a question of freedom, not price. To understand the concept, think of “free” as “free speech”, not “free beer.” In English, sometimes in the place of “free software” we say “libre software”, using that spanish adjective, derived from “freedom”, to show that we do not mean that the software is free.

Four are the freedoms that define “Free Software”:

  • Freedom 0 : The freedom to run the program as desired, for any purpose.
  • Freedom 1: The freedom to study how the program works, and change it to do what you want. Access to the source code is a necessary condition for this.
  • Freedom 2: The freedom to redistribute copies.
  • Freedom 3: The freedom to distribute copies of its modified versions to third parties. This allows you to offer the entire community the opportunity to benefit from the modifications. Access to the source code is a necessary condition for this.

A program is “free software” if it appropriately grants users all of these freedoms. Otherwise it is not free. It is said to be “Proprietary Software”.

By way of summary we could say that:

  • “Free Software” or “Libre Software” does not necessarily mean that it is free, although in many cases it is.
  • “Free Software” provides four basic freedoms: freedom to run software, freedom to modify and study your code, freedom to redistribute copies of such software, and freedom to distribute copies of modified software.

You can read this information at the following link: https://www.gnu.org/philosophy/free-sw.en.html

GNU Project

Let’s start with some history… It’s the 70’s of the 20th century, when a man named Richard Stallman started working at MIT (Massachusetts Institute of Technology). At this time it was very common to work with free software. The programmers were free to cooperate with each other and did so quite often. What’s more, even computer companies distributed their software freely. All this changed in the 1980s, and practically all software began to be distributed privately, which means that such software had owners who prohibited cooperation between users. For this reason, and in the face of what seems an injustice, Richard Stallman decides to create the GNU project in 1983. Being in 1985 when the Free Software Foundation was founded with the objective of raising funds to help program GNU.

The GNU operating system is a complete Unix-compatible free software system. The term GNU comes from “GNU is not Unix”. It is pronounced in a single syllable: Ñu. Richard Stallman wrote the initial announcement of the GNU Project in September 1983. An extended version, called the GNU Manifesto [1], was published in September 1985.

The name “GNU” was chosen because it met a few requirements. First of all, it was a recursive acronym for “GNU Is Not Unix”. Second, it was a real word. Lastly, it was fun to say (or sing) [2].

They decided to make the operating system Unix-compatible because the overall design was already tested and portable, and because the compatibility made it easy for Unix users to switch from Unix to GNU.

A Unix-like operating system includes a kernel, compilers, editors, word processors, mail software, graphical interfaces, libraries, games, and many other things. For all this, writing a complete operating system takes a lot of work.

At the beginning of 1990 the main components had already been found or programmed except for one, the kernel.

[1]. https://www.gnu.org/gnu/manifesto.html

[2]. http://www.poppyfields.net/poppy/songs/gnu.html

Linux project

Let’s jump back in history, this time to 1991.

Around that time, a Finnish computer science student named Linus Torvalds wanted to create an operating system similar to minix (which he used at university), but that would work on his new computer. with 80386 processor.

Using the GNU C compiler, Linus Torvalds soon had a first version of the Kernel (kernel) capable of running on his computer. On August 25, 1991, he announced this system on Usenet, on the comp.os.minix list. His project quickly gained followers and there were many who joined him, and began to develop for said Kernel.

Linus initially released his software under his own license, although he finally chose a GNU GPL license in 1992, in part because the C tool he had used to compile it was also GPL.

The name of Linux, for this kernel, was taken months after its publication, since Linus himself had originally wanted to call it “Freax”. In fact, in the first version of the kernel, you can see inside the makefile, how you called it this way. Finally Ari Lemmke, who was one of the people in charge of the FTP server at the Helsinki University of Technology, placed the files on the server under the “Linux” project without consulting Linus. Linus did not like this name because he found it too self-centered or selfish.

He finally agreed to the name change and a long time later in an interview, Linus himself commented that “it was simply the best name that could have been chosen.”

GNU/Linux

The FSF (GNU) was developing a kernel called Hurd (still under development). This kernel was developing more slowly than they came to think. So before the release of the Linux kernel, it was adopted within the project.

So, the correct name for the Operating System is not Linux, but GNU/Linux. Nowadays when people talk about Linux, they are really talking about GNU / Linux [1].

The kernel itself is useless. The kernel is the component that makes the software, and therefore the user, able to communicate with the hardware. But it takes more than a kernel to run a computer. It is necessary that there are certain programs in the user part. These programs may or may not be licensed under the GPL (GNU).

[1]. https://www.gnu.org/gnu/linux-and-gnu.en.html

Download ParrotOS

ParrotOS is available for download here.

The OS also runs on older machines, but it is recommended to consult the system requirements.

Which version should I choose?

Parrot comes in a lot of shapes and sizes in order to fit all possible hardware and users’ needs.

Depending on what hardware configuration and scope you have, consider these options:

Parrot 6.0 Security Edition

As the name suggests, this is the full edition. After the installation you have a complete out of the box pentesting workstation loaded with a large variety of tools ready to use. Highly recommended for PC Desktops and Laptops with at least 4GB of RAM, for a smooth experience whilst multitasking.

Parrot 6.0 Home Edition

This version of Parrot is a lightweight installation which provides the essential tools needed to start working. It relies on the same repositories as the Full Edition, letting you choose most of the programs you want to install later on. Recommended for those who are familiar with Pentesting Distros but require a minimal installation.

Parrot 6.0 Cloud Edition

Cloud images are special editions of Parrot Security made for embedded devices, cloud environments, virtual machines and other special deployments.

Parrot 6.0 Architect Edition

This edition of Parrot does not contain any software you do not choose, weighs about 379 mb and is available for any architecture (amd64, i386, arm64). The arm64 version can also be used in MacOS devices with M1/M2 processor.

Security, Home and Architect Edition, which one should I choose?

Parrot Home Edition and Parrot Security Edition are identical, and the only difference between them is the set of software that comes pre-installed.

Parrot OS Home Edition comes with no security tools, while Parrot OS Security Edition comes with all the hacking and pentest tools pre-installed.

You can use the Home Edition and install only the hacking tools you actually need, or you can install all of them at once with sudo apt install parrot-tools-full

The Architect Edition does not contain any software pre-installed. You can decide and customize your edition of ParrotOS just before the installation.

Parrot 6.0 on Docker

Forget all you know about pentesting circumstances. Carrying a laptop everywhere you go to accomplish your job is not mandatory anymore. You can now have a remote VPS loaded with Parrot OS ready to perform all sort of tasks from an embedded terminal, with discretion. This edition does not provide a GUI out of the box, but it’s available in the repositories if needed.

Check it out now

Community Contributions

Parrot was born and continues to be a fully open-source project, this means that anyone can see the code of each of its components and, if interested, modify it.

Which is why, if you like the world of open source and in particular the Parrot project, you are strongly invited to contribute. Here you will find a guide on how to proceed and on which projects you can currently contribute.

No matter how technically good you are in a certain area, you will see that you can contribute in various ways depending on the Parrot sub-project. Any motivated and useful contribution is always more than welcome. In any case, someone from the team will be alongside you in order to discuss it together.

At present, all Debian packages and all tools developed by the Parrot team reside on GitLab and GitHub (as a backup mirror).

Why should you be a contributor?

Be a contributor for an open-source project means that you have the chance to:

  • Meet new people: you will be able to meet a lot of developers like you, who are in love with the world of the open-source projects. This will not only help you to expand your network from a professional point of view, but also to develop real and true friendship;
  • Learn and teach new things: first rule of contributor is “never get stuck on what you already know”, it doesn’t matter if you’re a newbie or a senior developer, if you start contribute to an open-source project you can learn a lot of new things or, in the other way, you’ll get the chance to teach new things to other people (this will boost your confidence a lot, trust us);
  • Make your work worth it: you will get the chance to test in advance some of our packages and, in the best-case scenario, your work will be built into Parrot Security OS.

Working on a Parrot sub-project

Since we mainly work on GitLab, it will be important that you have a registered GitLab account, you will need it to start contributing. Then, once you have chosen the sub-project, contact the Parrot team at the email [email protected], specifying the chosen sub-project and the part in which you want to contribute.

This list will be updated, but it is now possible to contribute to the following sub-projects:

  • Website
  • Documentation
  • Debian Packages
  • ARM Images
  • Community

Website

The Parrot website, freely visible at https://parrotsec.org, was built using the NextJS framework and the React library. You are free to view and analyze the code by cloning the repository.

If you have any ideas on how to improve it or anything else, feel free to open a merge request. The maintainer ([email protected]) of this sub-project will review your request as soon as possible and coordinate to approve it.

Documentation

The official ParrotOS documentation, accessible at https://parrotsec.org/docs. It is based on the Docusaurus v2 framework and the graphics follow the ParrotOS style. New features will always be added to make it as complete as possible. If you think you can add some essential or interesting documents, feel free to clone this repository and open a merge request.

Debian Packages

Most of our 3rd party programs and most of our pre-included programs comes from Debian. We mostly wait for Debian updates. You can contribute by creating new Debian packages or by proposing new tools, strictly already packaged according to Debian standards.

To get started, you can follow this manual.

Initially the work must be started on personal repo forking the package. Once the code is correctly set to be packaged, open a merge request and Team Leader will analyze modifications before approve.

ARM Images

Parrot is also available for ARM platforms, through some scripts we generate the images available in this repository.

In particular, it is recommended to read the iot and architect folders.

Community

The community is a very important part for an operating system like Parrot, and helping each other can only be useful to increase one’s knowledge. The ParrotOS community always needs new moderators, for Discord channels, our Forum and in Telegram groups.

The contact person for the community is [email protected].

Community Structure

Each community is divided into the following sections:

  • General: A welcome place to have a first approach to our community. Feel free to ask for help or whatever you need, there will always be someone who will answer your questions or direct you to the right channel.
  • Support: Technical Support room for ParrotOS. Here you can find questions and answers concerning the OS.
  • Ask the Devs: ParrotOS devs are here to answer questions regarding the OS and more.
  • Distro Development: News and sneak peak at the progress of the next ParrotOS version development, questions are always welcome.
  • Hacking: Have fun by asking questions about hacking techniques, read users’ experiences, read contents made by us or confront about what concerns Hacking and Security in general.
  • Programming: In this room discussions about coding are highly encouraged, and if you need assistance on your tasks, don’t hesitate to ask.
  • Sysadmin: The topic here is all about system administration, networking, hardware and software.
  • OffTopic: Free conversation room, memes are always welcome!
  • News: Official Channel to get all of the latest news about Parrot.

Community Manifesto

We highly encourage users to engage discussions not only for support purposes, but also for whatever concerns security, hacking, programming (and so on), build an active and varied community where any kind of discussion or comparison are valued and welcome.

If any user want to join us (or has already joined) to help building and keep healthy and active our community, we ask to follow the rules of each community and to meet certain requirements:

  • Be kind, always.
    It is important to maintain a consistently polite and patient demeanour with users. Reserve expressing frustration or anger for truly exceptional and extreme circumstances.
  • Respect Everyone.
    Our community must be healthy even when it’s about religion, political belief, physical/mental disabilities and LGBT+ communities. Don’t spread hate on anything or anyone and guide users towards respect and acceptance.
  • Be a guide to anyone approaching this field, ParrotOS and GNU/Linux for the first time.
    No one is born an expert in a specific field. Don’t take anything for granted, if a user asks a question about something that you know very well, share your knowledge, it’ll be accessible for the future to those who’ll be in the same situation. You don’t know the answer? Kindly guide the user to wait for someone more experienced to read the request and reply.
  • Be always enthusiastic to learn new things and be open to new possibilities.
    Knowledge is constantly evolving, and something you used to know may vary over time, confront the community as much as possible.
  • Avoid acting impulsively or based solely on your personal dislikes.
    Everyone can have likes and dislikes, but this must not affect the community. Moderate with intelligence and reasoning, not with your personal emotions. If there’s something negative or that needs more attention about the team, please ping the community manager in the moderation room and explain detailedly what’s going on.

We value users’ contributions so, for this reason, every three months we will announce the most active members, who will obtain in their profile the mention of “ParrotOS Enthusiast”. Thanks to this, we will give our community more reference points.

Parrot Community Activities

This is something new for the ParrotOS community, we are proud to introduce periodic challenges and events to make our common place more vital and involved. So, as per the above-mentioned values, we designed these activities for you:

  • ParrotOS Tutorial
    A Tutorial video series showing how to use ParrotOS from the very basics to the most advanced tasks. Every two months live on Discord and available on our Youtube Channel.
  • Learn Linux and Security with ParrotOS
    This is both for newbies and the experienced ones, we’re going to monthly use HTB Academy to teach and challenge you to train and improve your knowledge, whether you know Linux and Security or not.

Development workflow

Our development workflow is based on these following points and always tries to involve the entire development team (and interested contributors), so that everyone is constantly updated:

  1. Devs will write their code, make a first local test in order to resolve as much bugs as possible.
  2. Upload the first version (or an updated version through merge request in case of an application being updated) on GitLab. The Team Leader (or someone in charge) will analyze the code and approves the modifications.
  3. An open beta/internal beta campaign will be launched in order to investigate the code and find bugs/vulnerabilities.
  4. If bugs and vulnerabilities have been discovered, repeat the two previous steps until there are not critical and evident bug anymore.
  5. When the code is ready to be packaged, the Team Leader or someone in charge will accept the final modifications.

 

How to install ParrotOS

This guide will help you install ParrotOS (latest version) on your computer step-by-step through the default official installer: Calamares.

This guide applies to both the Security and Home Edition.

Any problems or missing details, please report it to the official Parrot forum.

Insert your installation media into your computer and through your BIOS settings start Parrot. A screen will appear with several options, including some more advanced.

Select Try/Install and press Enter.

Wait for the OS to load (few seconds).

Welcome in Parrot Live

Here you can test the OS in its entirety, then you can proceed with the installation.

Click on Install Parrot:

and the installer, Calamares, will start.

Let’s start!

The next step is selecting the system’s language. Choose your language and click on Next.

Then select your Region and Zone. Click on Next.

Now, you can select the keyboard layout. There are many variations available, and you can test them where its written “Type here to test your keyboard”.

Click on Next.

Parrot Security disk partitioning

We think guided partitioning for less experienced users is recommended, 40 GB or more is enough, unless your going to want to install a lot of programs or keep larger file on your hard drive.

Here you can decide whether to enable swap or not. For more information about swap:

https://wiki.debian.org/Swap

https://www.kernel.org/doc/html/latest/power/swsusp.html

If you want, you can also encrypt the system by adding a passphrase:

Select the options that you think will be most useful to you and click on Next.

Creating a new user account

You will be asked to create a new user, for simplicity we have chosen a user. You can enter any name in here.

Remember that it is the password to access your OS account, we recommend you to create a long and complex one.

Then, click on Next.

Completing the installation process

Finally, a summary of the choices made during the procedure:

You can decide whether to change the chosen settings, and then go back, or proceed with the installation of the system. Click on Install.

Confirm by clicking Install now

And wait for the installation to complete!

With an SSD (Sata), it will take a few minutes.

Well done! You have successfully installed Parrot OS on your computer!

Login to Parrot for the first time

Enter your Password:

Welcome to Parrot! Congrats!

 

Dualboot with Windows

It’s possible to install ParrotOS alongside Windows, thanks to GRUB and a correct partitioning.

NOTE

Disable Secure Boot and CSM from UEFI settings in your machine.

After following the steps for setting the Parrot Installation before partitioning, the situation will be similar to this:

There are two ways for proceeding:

Method 1: Automated Partitioning

This is more way easier. You just have to select Install alongside then select /dev/sda3 within the bar, drag the bottom bar to resize the partition in order to assign the desired amount of space for ParrotOS, then click on Next and proceed with the installation.

Method 2: Manual Partitioning

This method gives the freedom to choose for ParrotOS the desired amount of space and the number of partitions wanted.

NOTE: The Security edition needs at least 40GB of space, Home edition needs at least 20GB of space (which has been used for this guide.). No Swap partition has been set because it has been used on an SSD.

Select Manual Partitioning then click on Next.

You’ll see something similar to this:

In detail:

  • /dev/sda1 is the boot partition.
  • /dev/sda2 is MSR (Microsoft Reserved partition).
  • /dev/sda3 is where Windows 10 exists.
  • /dev/sda4 is a hidden partition which contains Windows Files for Recovery.

This is the standard partitioning for Windows, which follows this exact order. Select /dev/sda3 then click on Edit.

This window will open up:

Here is possible to shrink/resize partitions (by dragging the bar or inserting the size in MiB), set flags and mount point.

Drag the bar or set the value for getting the desired partition size (in this case the total amount of the partition size is 60GB, and we dedicated 40GB to Windows, and thereby the remaining 20GB have been assigned to ParrotOS.) then click on OK.

This is the updated situation, after shrinking the Windows partition, an unallocated space of 20GB is available. Select it, then click on Create:

These are the settings for new partition, set the file system you want (ParrotOS uses BTRFS by default), set the mount point in / (root), then click on OK:

Now, the last step: Set up the boot partition.

Select /dev/sda1 and click on Edit:

Set the mount point in /boot/efi then click on OK:

This is the final situation, proceed with the installation by clicking on Next:

Install ParrotOS with WSL

Installing ParrotOS on Windows-Subsystem-Linux(henceforth WSL)

Note about Virtualized Machines

This is not indended, or supported to be ran within a Virtualized Windows Machine.

Any bugs or issues resulting from this are most likely not going to be fixed.

TL;DR, Virtualized Windows Machine – You’re on your own.

Installing WSL

If you already have WSL installed on your machine, you can skip this section.

Open up a Powershell as administrator(Right click -> Run As Administrator), and type wsl –install, if you see help text, that means you have WSL already installed, otherwise wait for the install to finish.

Running Parrot WSL

Manual Install

Download the .zip containing the needed files from https://www.parrotsec.org/download/, and extract it to a folder.

Double click launcher.exe and the installation window will pop up.

First, enter y or n to choose to install all the security tools,, or just the base image(this can be done later). Next, enter your username & password for your user account.

Your WSL “Hard Drive” will be created as a .vdhx in the folder you create the launcher from.

All updates can be performed via a standard apt upgrade/update. However if you wish to rerun the installer, you must run wsl –unregister ParrotOS, and rerun launcher.exe

Congrats, you now have a working WSL instance!

Windows Store

Coming soon….

Known Issues

Packages requiring SystemD(i.e. Powershell Empire) are not working on default installs.

This can be fixed however, by editing /etc/wsl.conf and adding

[boot]

systemd=true

 

And restarting your wsl instance.

Unknown Issues

Please open an issue in The WSL Gitlab Project for any bugs you encounter.

Install ParrotOS with Manual Partitioning

Now let’s focus on the Manual partitioning of ParrotOS using Calamares installer, which may be necessary for various purposes and needs.

Like the Dualboot with Windows, this method allows you to assign the desired size of the partitions and determine how many of them to create or edit.

Let’s see two use cases:

Case 1: Partitioning a disk with existing partitions

After following the steps for setting the Parrot Installation before partitioning, select Manual Partitioning then click on Next.

You’ll see something similar to this:

The partitions in detail:

  • /dev/sda1 is the partition which contains EFI boot files.
  • /dev/sda2 is the partition containing the existing OS.

To make ParrotOS work in a UEFI computer, at least three working partitions are needed:

  • /boot/EFIthe folder containing the efi firware necessary to boot the system.
  • /the folder containing the entire system
  • /homethe User data folder

NOTE

Disable Secure Boot and CSM from UEFI settings in your machine before doing any of the above descripted operations.

In a standard BIOS partition, at least two working partitions are needed:

  • /
  • /home

Now, let’s change the mount point for the necessary partitions. First, select /dev/sda1 and click on Edit

This window will appear, here is possible to shrink/resize partitions (by dragging the bar or inserting the size in MiB), set flags and mount point.

Set up the partition as you can see below, then click on Ok.

Now select /dev/sda2 and click on Edit.

Drag the bar or set the value for getting the desired partition size (in this case the total amount of the partition size is about 124GB, and we dedicated about 70GB to Windows, and thereby the remaining 50GB have been assigned to ParrotOS.) then click on OK.

NOTE

Parrot Home needs at least 20GB of space, while Parrot Security needs at least 40GB of space. Home Edition will be installed in this guide.

Now select the Free Space and click on Create.

Now let’s create the / – root partition, set it up as it appears below then click on Ok:

Now, the last partition, /home. Select the remaining Free Space then click on Create:

Set up the partition as it appears below then click on Ok:

Now all the partition are properly configured, proceed with the installation by clicking on next.

After this, proceed with the final steps of the installation by clicking on Next .

Case 2: Partitioning an empty disk

After following the steps for setting the Parrot Installation before partitioning, select Manual Partitioning then click on Next.

Since the hard drive is empty, the space will appear unallocated. Let’s create a new partition table by clicking on New Partition Table

A dialogue window will appear asking the desired partition table type, keep the default value (GPT) and click Ok

Select the Free Space and click on Create

From here, it’s possible to create and edit partitions. Let’s create the first one, /boot/EFIthe folder containing the efi firware necessary to boot the system. by following three simple steps:

  • Click on the Mount Point drop-down list, and set it on /boot/EFI
  • Click on File System drop-down list, set it on fat32
  • On the Size text field, write 200MiB, then click on OK

At this stage, the partition table will result like this:

Now select again the Free Space and click on Create, let’s create * /the folder containing the entire system

From the partition setup window, set the partition Size to 20753MiB, the File System to btrfs and the Mount Point to /, then click on Ok

NOTE

Parrot Home needs at least 20GB of space, while Parrot Security needs at least 40GB of space. Home Edition will be installed in this guide.

Now, the partition table looks almost complete:

Finally, let’s create /homethe User data folder with the remaining Free Space. Select it and click on Create

As the setup window appears, setup File System as Btrfs and Mount Point as /home. When finished, click on Ok

Now the partitioning is completed, proceed with the installation by clicking on Next.

ParrotOS on Raspberry Pi

This version is available in all the variants offered by Parrot: Core, Home and Security editions.

Installation process

To proceed with the installation, you will need to get a microSD card of at least 8 GB (the Core edition however can also be installed on a 4 GB microSD).

NOTE

This procedure applies to any edition of Parrot on Raspberry Pi. Currently ParrotOS has been successfully tested on a Raspberry Pi 3B, 4B, 400, and 5.

Now, download the ParrotOS edition of your choice from our website.

Then, insert the micro sd into your computer, and in the meantime, download the Raspberry Pi Imager or Balena Etcher. We will need one of these two to install the system in the microSD.

Click on Choose OS and select Use custom.

Now a window will open where you can select the downloaded ParrotOS edition. It is a compressed img.xz file.

Then select your micro sd by clicking on Choose Storage.

Everything is ready, click on Write and the writing procedure on the micro sd will start. Once finished, you can insert your microSD into your Raspberry Pi. Enjoy!

For any questions and/or problems, we kindly ask you to contact us through our social channels.

Installing ParrotOS on VirtualBox

This guide will cover the following steps:

  • Create a new Virtual Machine
  • Create a new Virtual disk (VDI, dynamic allocation etc…)
  • Modifying VirtualBox settings (allocating physical and Video memory, selecting OS Type, CPU acceleration etc.)
  • Loading Parrot Security ISO
  • Booting Parrot Security ISO (initial info, location, timezone etc.)
  • Parrot Security disk partitioning
  • Finalizing installation and running Parrot Security on VirtualBox.

Things you need to install

If the OS you are using is Windows or MacOS, here is the link to the VirtualBox installer.

On GNU/Linux it is the same, but you can install it via CLI:

sudo apt install virtualbox

Follow the same steps EXACTLY to install and run Parrot via VirtualBox in your machine.

Step 1 – Create a new Virtual Machine

Before proceeding, make sure you have successfully installed VirtualBox. On GNU/Linux you can check this by opening a terminal and typing virtualbox and/or the icon to start VirtualBox will be visible in the menu. For other operating systems there will be a similar icon to start it.

Once you’ve installed VirtualBox:

  • Open it.
  • Click on New to create a New Virtual Machine.

Step 1.1 – Enter a name for your Virtual Machine

Enter Parrot Security as the name. Load Parrot Security ISO (click on the arrow at your right, and search for the ISO in the download folder.) and proceed, Type and Version will be detected automatically.

Important: if your disk size is mismatched, you might have a corrupt disk. Refer to Parrot Security chapter through this documentation for size related info. You can also do a SHA1 check to ensure your disk is not corrupted.

Step 1.2 – Allocate RAM and CPU

The OS can run on machines with 512 MB of RAM and 2 cores, but at least 2 GB and 2 cores are strongly recommended for both Parrot Security and Home Editions.

Choose the best setting for your machine, check “Enable EFI” checkbox and click Next.

Step 1.3 – Create a Virtual Hard Drive

On the next screen select Create a Virtual Hard Disk Now. Set the disk size at 20 GB for Home Edition and 40 GB for Security Edition

This will create a Dinamically Allocated Disk, if you want to have the entire disk size, check “Pre-Allocated Full Size

Click Next and proceed.

Double-check your settings in the screen similar to this and click Finish

Step 2 – Modify VirtualBox settings

So far, we’ve done the following, checklist for you:

  • Created a New Virtual Machine
  • Created Virtual Hard disk
  • Fiddled with disk properties, type and size.

At this point you should see the following screen:

Step 2.1 – Enable shared Clipboard and Drag ’n’ Drop feature

Select General > Advanced TAB and change Shared Clipboard and Drag ’n’ Drop to Bidirectional. This will allow you to copy paste files from your HOST machine on the fly. Confirm by clicking OK.

Step 2.2 – Update number of Processors and enable PAE/NX

As we already said, 2 cores works well. With 4, 6, and so on, performance will be much better.

You should not configure virtual machines to use more CPU cores than are available physically. This includes real cores, with no hyperthreads. See processor tab on VirtualBox website.

Check the box for Enable PAE/NX.

Step 2.3 – Update Virtual Motherboard options

Select System > Motherboard, un-check Floppy (who has a floppy anymore?) and check the box to Enable I/O APIC.

Note that you can change base memory allocation in the same screen. We’ve set it to 2048 MB previously. If your machine got 8.00 GB RAM, it means that you can allocate a lot more to make Parrot Security respond faster as a virtual machine.

If you feel your Virtualized Parrot Security is slow, you should increase this Base Memory allocation.

The calculations are as follows:

  • 1.00 GB = 1024 MB
  • 2.00 GB = 2048 MB
  • 3.00 GB = 3072 MB
  • 4.00 GB = 4096 MB
    and so on.

Multiply 1024 with the amount of Memory/RAM you want and put the value here.

Step 2.4 – Allocate Video memory and 3D acceleration

Select Display > Screen > set Video Memory to 128 MB. This allows for a good responsive desktop environment.

Also check the box for Enable 3D Acceleration.

If you have more than one monitor, you can change your settings here too.

Step 2.5 – Update Parrot Security ISO Loading Settings

Select Storage > Controller: IDE and highlight Empty CD icon. Now on your right, you should be able to click on the little CD icon (it should be CD/DVD Drive: IDE Secondary Master already, if not change it) and select your downloaded ISO.

Once you select your downloaded ISO (in this case, it’s Parrot Security 6.0 ISO. See the properties and information’s changes accordingly.

NOTE

if you want to test Parrot in live mode, check the “Live CD/DVD” box

Step 3 – Select Network connection type

If your computer is connected to the internet, select NAT on Network > Adapter 1. You can enable more network adapters if you feel you want to do so.

Step 3.1 – Enable USB 2.0 and 3.0 Controllers

Firstly, make sure you have installed the extension pack, or you will not be able to enable USB 2.0 and 3.0 controllers.

If you have not installed it, you can download it here

Then go to files > preferences > extensions, on the right there will be a + button where you can install the extension.

In GNU/Linux, you could also install it from the terminal with sudo apt install virtualbox-ext-pack

Once installed, it will enable VirtualBox Remote Desktop Protocol (VRDP) support and Host webcam passthrough support.

Step 4 – It’s all set up?

Finally, by clicking on your new virtual machine, this is what you should see:

You can always change the configuration the way you prefer.

Step 5 – Booting Parrot Security ISO

From VirtualBox Main Screen, click on Start and boot Parrot Security.

Step 5.1 – choose Install

From VirtualBox Main Screen, it will boot Parrot Security, click in the Virtual Machine, select Try/Install and then click Enter.

Step 5.2 – Choose the default Installer (Calamares)

Here you can test the OS in its entirety, then you can proceed with the installation.

Click on Install Parrot:

and the default installer, Calamares, will start.

Step 5.3 – Select language

In this example we have chosen American English. Click on Next.

Step 5.4 – Select location

Here we have selected America and New York zone. Click on Next.

Step 5.5 – Select keyboard layout

Select the layout that best suits your keyboard, you can also test the keyboard’s key where it says type here to test your keyboard. Click on Next.

Step 5.6 – Parrot Security disk partitioning

As this is all Virtualized, you can choose anything you want to.

We think that guided partitioning for less experienced users is recommended, 40 GB or more are enough, unless you are going to install a lot more programs or keep more files on your hard drive.

Here you can decide whether to enable swap or not. For more information about swap:

https://wiki.debian.org/Swap

https://www.kernel.org/doc/html/latest/power/swsusp.html

If you want, you can also encrypt the system by adding a passphrase:

Step 5.7 – Creating a new user account

You will be asked to create a new user, for simplicity we have chosen a user. You can enter any name in here.

Then, click on Next

Step 6 Completing the installation process

Finally, a summary of the choices made during the procedure:

You can decide whether to change the chosen settings, and then go back, or proceed with the installation of the system. Click on Install.

Confirm by clicking Install now

And wait for the installation to complete!

With an SSD (SATA), it takes a few minutes.

Well done! You have successfully installed ParrotOS on your computer!

Step 7: Login to Parrot Security for the first time

Enter your Password:

You just installed Parrot Security! Congrats!

Introduction to Virtualbox Guest Additions

The Guest Additions are designed to be installed inside a virtual machine after the guest operating system has been installed. They consist of device drivers and system applications that optimize the guest operating system for better performance and usability.

Features of Virtualbox Guest Additions

  • Mouse pointer integration
    • Pressing the Host key is no longer required to “free” the mouse from being captured by the guest OS.
  • Shared folders
    • Shared folders between Host and Parrot.
  • Better video support
    • While the virtual graphics card which VirtualBox emulates for any guest operating system provides all the basic features, the custom video drivers that are installed with the Guest Additions provide you with extra high and non-standard video modes as well as accelerated video performance.
  • (Generally used for changing monitor resolution)
  • Seamless windows
    • With this feature, the individual windows that are displayed on the desktop of the virtual machine can be mapped on the host’s desktop, as if the underlying application was actually running on the host.
  • Generic host/guest communication channels
    • The Guest Additions enable you to control and monitor guest execution in ways other than those mentioned above. The so-called “guest properties” provide a generic string-based mechanism to exchange data bits between a guest and a host, some of which have special meanings for controlling and monitoring the guest.
  • Time synchronization
    • Synchronize date and time from host to Parrot.
  • Shared clipboard
    • Shared clipboard from host to Parrot.

For more infomations, check the VirtualBox manual.

Guest Additions Installation(s)

Method 1 (Easiest)

  1. Open a terminal and update your packages list from the repository with

sudo apt update

 

  1. Install the Guest Additions from Parrot OS repository with

sudo apt install virtualbox-guest-utils

 

  1. And install the last package with

sudo apt install virtualbox-guest-x11

 

  1. When the installation is completed, you can reboot your machine with

sudo reboot

 

  1. Check if Guest Additions are correctly installed by running

sudo /usr/sbin/VBoxService -V

 

Method 2 (From ISO)

  1. On Virtual Machine menu bar, select Devices > Insert Guest Additions CD image….
  2. VirtualBox will not automatically find the Guest Additions, instead it will ask you to download them (Click on Download). We recommend adding an additional secondary optical drive, because once the guest additions are downloaded, they will be mounted on a second drive.

Click on “insert“. If it returns an error (maybe it can’t mount the iso you just downloaded, then turn off the virtual machine, and return to the main VirtualBox screen, go to Setting > Storage, here add another optical drive and make sure it is secondary so as not to give problems in booting the distro).

  1. Then go to the Guest Addition ISO folder, open a terminal and type

sudo chmod +x VBoxLinuxAdditions.run

Once done, execute

sudo ./VBoxLinuxAdditions.run

  1. Wait for the installation to finish. Once completed, reboot the virtual machine with

sudo reboot

How to install ParrotOS on VMware

It is possible to use the OS on VMware in all its editions (Workstation Player, Workstation Pro and also on MacOS, Fusion Player and Fusion Pro).

This guide will allow the user to create a Virtual Machine on VMware Workstation Player. Since the other editions are extensions of the free version of Workstation Player, in the setup and installation procedure, not much will change.

Follow this step by step guide, it will go from installing VMware to creating the Virtual Machine.

Step 1 – Download & install VMware Workstation

Once you have downloaded VMware from the official website, go to the folder where you downloaded it, and open a terminal. Give execution permissions with

sudo chmod +x ./VMware-Workstation-$edition-$architecture.bundle

 

and then, again from the terminal, start it:

sudo ./VMware-Workstation-$edition-$architecture.bundle

 

the installer will complete the installation operation and in the Parrot menu you will find your VMware edition ready for use.

Step 2 – Create a new Virtual Machine

Go to the File tab, and click on Create a New Virtual Machine

A new “Virtual Machine Wizard” window will open which will guide you to create the VM, select Use ISO image and enter the path of the Parrot iso you downloaded in our website, then click on Next button:

NOTE

VMware’s automatic recognizer will recognize the system as Debian 5 64-bit, this is incorrect and not a problem, it can be changed very easily in the next steps.

Select the type of operating system you are installing on your VM (then Linux, Debian 10 64-bit), so give the Virtual Machine a name:

and click on Next.

Based on the Parrot edition downloaded, it is advisable to consult the minimum system requirements, generally 20 gb for a Virtual Machine may be fine for the Home Edition, but for a more complete edition such as the Security Edition, at least 40 gb of dedicated space are recommended.

The next screen will make a summary of the technical specifications of the newly created Virtual Machine. At least 4 GB of RAM is recommended. It is possible to customize other aspects of the VM by clicking on Customize Hardware.

Step 3 – Install Parrot on your Virtual Machine

The Virtual Machine is ready to use, just start it and grub will start with the various modes to run Parrot.

From here on, follow the usual installation procedure to install Parrot on your VM.

Use ParrotOS on your Mac M1/M2 via UTM

The OS is also available to be virtualized on Apple platforms with M1/M2/M3(and its variants) CPUs. Specifically, Parrot can be used through the open source UTM software.

Once you download and install UTM, you will see this screen:

The format we provide to users has the .utm extension, so it is already compatible with UTM itself, which is why, once you download the file from our website, all you have to do is go to the folder where you downloaded Parrot and extract the .utm file.

After correctly extracting the .utm file, simply drag and drop it inside UTM.

the OS will be immediately recognized and by clicking on the Play icon you can immediately use Parrot in your system with MacOS.

Parrot Software Management

In this chapter, we will introduce the apt package manager for Parrot. A program is a series of instructions written in programming languages such as C, Go, Nim or Rust (to name a few). These instructions are stored in text files called sources. To work in our systems, they must be converted to machine language. This step is called compilation. The compilation generates one or several files, understandable by the system, called binaries.

The user does not need to compile the sources of each program as the developers are responsible for compiling and generating the respective binaries. A program can carry not only the executable but a series of files. The developers combine such software into a file called a package. Two of the most well-known are .rpm packages and .deb packages. .rpm was developed by Red Hat and .deb by Debian. Parrot uses the .deb format.

To compile programs, often 3rd party libraries and other programs are necessary. If we tried to compile a program that had dependencies with other libraries and other programs, we would install these “dependencies” before its compilation. Likewise, if we want to install a binary we will need to have installed the necessary dependencies for its correct operation.

To manage these dependencies and the package installation, package managers have been created. There are numerous package managers, some graphical and others via the command line. In this chapter, we will see one of the most famous, created by the Debian developers, and the one used by Parrot: apt.

The main functions of a package manager must be:

  • Software searching
  • Software installation
  • Software update
  • System update
  • Dependency management
  • Software removal

The package manager must check in a given location (it can be a local directory or a network address) for the availability of such software. The locations are called repositories. The system maintains configuration files to check repository locations.

List of Repositories

Although in Parrot it is not necessary (nor recommended) to add new repositories or modify existing ones, we will see where we can configure them. In the file system, under the path /etc/apt/sources.list.d, we find the file parrot.list. The content of this file should be:

stable repository

deb http://deb.parrot.sh/parrot lory main contrib non-free non-free-firmware #deb-src http://deb.parrot.sh/parrot lory contrib non-free non-free-firmware

With this, we make sure we have the correct repository list. In this location the Parrot developers keep the packages updated.

Package Manager

The Parrot package manager is apt. Amongst other things,this manager is responsible for installing packages, checking dependencies, and updating the system. Let’s see what we can do with it. We will see the most common options below. For more in-depth instructions, view the man pages for each of the following commands: apt, apt-cache, dpkg, etc…

Search for a package or text string:

apt search <package/text_string>

 

Show package information:

apt show <package>

 

Show package dependencies:

apt depends <package>

 

Show the names of all the packages installed in the system:

apt list –installed

 

Install a package:

apt install <package>

 

Uninstall a package:

apt remove <package>

 

Delete a package including its configuration files:

apt purge <package>

 

Delete automatically those packages that are not being used (be careful with this command, due to apt’s hell dependency it may delete unwanted packages):

apt autoremove

 

Update the repositories information:

apt update

 

Update a package to the last available version in the repository:

apt upgrade <package>

 

Update the full distribution. It will update our system to the next available version:

sudo parrot-upgrade

 

Clean caches, downloaded packages, etc:

apt clean && apt autoclean

 

These are just some examples. If more information is required, you should check the manual page (man apt).

Install Nvidia GPU Driver

Initially, Parrot uses the Nvidia nouveau open source drivers, since they support most Nvidia cards. These guarantee good stability and allow you to use your gpu without problems for everyday use.

However, it may be necessary to use other drivers that give greater compatibility with different software and make the most of your GPU. For this reason, you can install Nvidia’s official (closed source) drivers.

You have two ways to install, either via the Parrot repository or from the official Nvidia website.

NOTE

Please note the driver installation and configuration may be different for laptop or desktop computers. For example, the user could have a CPU with an iGPU (integrated GPU) and a dGPU (dedicated GPU). The user must choose which to use based on the context.

The differences will be highlighted in this document.

Every step described here has been tested, so it is highly recommended that you read everything in this document very carefully.

Install the driver via the Parrot repositories

If you don’t know your GPU model, open the terminal and type this command:

lspci | grep VGA

 

It will show your GPU model and its architecture. For further information use:

inxi -F

 

This will show your computer information, including the GPU model and also the type of driver used.

Once you have ascertained that you are using the nouveau driver and you want to use the proprietary driver instead, for reasons of driver conflict, you must first disable the nouveau driver.

sudo nano /etc/modprobe.d/blacklist-nouveau.conf

 

Add the following lines and save the file.

blacklist nouveau

options nouveau modeset=0

alias nouveau off

 

Once the file has been saved, proceed with the installation of the Nvidia driver using the following command:

sudo apt update && sudo apt install nvidia-driver

 

NOTE

From kernel 5.16, for compatibility problems, it may be necessary to install the drivers with the following command:

sudo apt install nvidia-driver -t lory-backports

 

This completes the installation, but we recommend that you check that everything went well. To do this, you can use the official utility from Nvidia called nvidia-smi.

Install it by running:

sudo apt install nvidia-smi

 

Start it with the following command:

nvidia-smi

 

In addition, the settings manager will be automatically installed together with the drivers. From here you can change parameters such as the resolution and refresh rate of your monitor.

Nvidia Driver on a computer with iGPU and dGPU

Most modern computers come with an integrated video card in the CPU (iGPU, like an Intel Graphic Card or AMD in most cases) and a dedicated video card (dGPU, Nvidia).

In this guide we’ll deal with the drivers for both video cards and show how to switch between them.

Step 1 – Install NVIDIA Drivers and CUDA Toolkit

Open a terminal window and type:

sudo apt update

 

sudo apt install bumblebee-nvidia primus-nvidia primus-vk-nvidia nvidia-smi nvidia-cuda-dev nvidia-cuda-toolkit

 

Wait for the installation to proceed. When a warning notifying nouveau driver conflicting with nvidia driver appears, click ok:

Step 2 – Blacklist Nouveau

NOTE

if you have already followed the nvidia installation via the Parrot repo you can go to step 3.

After the installation has finished, it’s time to blacklist the nouveau driver in order to make the nvidia driver work.

In the terminal, type:

sudo nano /etc/modprobe.d/blacklist-nouveau.conf

 

And add:

blacklist nouveau

options nouveau modeset=0

alias nouveau off

 

Save the file and reboot.

Step 3 – Configure Bumblebee

Now it’s time to tell bumblebee which driver should be used.

In the terminal open bumblebee.conf:

sudo nano /etc/bumblebee/bumblebee.conf

 

Look for the string Driver= and add nvidia, then look for the string KernelDriver= and add nvidia-current.

Save the file and reboot.

Step 4 – Testing the Drivers

Open a terminal and type:

watch nvidia-smi

 

In a new terminal enter the following command:

optirun hashcat -b -d 1

 

The result should be similar to this:

In nvidia-smi interface, hashcat should appear running using your Nvidia video card.

NOTE

Launching application with primusrun will use PRIMUS Technology, while using optirun will use VirtualGL.

Install the driver from the official Nvidia website

As mentioned at the beginning of this document, drivers can also be installed from Nvidia website.

You can download the latest driver directly from here, where there are also older drivers for old GPUs.

OR

Select the model of your GPU, the operating system (Linux 64 bit) and the branch here.

From the Nvidia website:

Production Branch: Production Branch drivers provide ISV certification and optimal stability and performance for Unix customers. This driver is most commonly deployed at enterprises, providing support for the sustained bug fix and security updates commonly required.

New Feature Branch: New Feature Branch drivers provide early adopters and bleeding edge developers access to the latest driver features before they are integrated into the Production Branches.”

Click on download, and a file with this name will be downloaded:

NVIDIA-Linux-x86_64-<driver version>.run (about 260 mb)

To avoid conflicts with the X graphics server, we will have to use Parrot without a graphical interface (we will have to drop to Runlevel 3).

We can do this simply via systemd, with the systemctl command:

sudo systemctl set-default multi-user.target

 

NOTE

If by any chance you want to go back and reuse Parrot with MATE, use the following commands:

sudo systemctl set-default graphical.target

 

reboot

 

To avoid conflicts with the installation of the new driver, remember to blacklist the nouveau driver:

sudo nano /etc/modprobe.d/blacklist-nouveau.conf

 

Add these lines then save the file:

blacklist nouveau

options nouveau modeset=0

alias nouveau off

 

Run the following command to regenerate the initramfs image.

sudo update-initramfs -u

 

The last step is to disable nouveau drivers by rebooting the machine:

reboot

 

Now navigate to the folder where you downloaded the .run file and give it execute permissions:

sudo chmod +x NVIDIA-Linux-x86_64-<driver version>.run

 

NOTE

If you don’t remember what chmod does, it is recommended that you read the File and Directory permissions document.

After that you can start the .run file:

sudo ./NVIDIA-Linux-x86_64-<driver version>.run

 

The installation wizard process will start and the drivers will be installed along with all utilities (including Nvidia Driver X Settings).

Return to MATE via the command:

sudo systemctl set-default graphical.target

 

You will go from Runlevel 3 to Runlevel 5, and finally you will be able to use the nvidia driver.

To verify that everything went well, start nvidia-smi (already installed through .run file):

nvidia-smi

 

Notice that in this case the latest Nvidia (470.57.02) driver was installed.

AppArmor

AppArmor is an effective and easy-to-use Linux application security system. AppArmor proactively protects the operating system and applications from external or internal threats, even zero-day attacks, by enforcing good behavior and preventing even unknown application flaws from being exploited.

AppArmor security policies completely define what system resources individual applications can access, and with what privileges. Several default policies are included with AppArmor, and using a combination of advanced static analysis and learning-based tools, AppArmor policies for even very complex applications can be deployed successfully in a matter of hours.

Check if AppArmor is installed

AppArmor and it’s profiles should already be enabled and running on Parrot OS. To check if AppArmor is active do:

sudo aa-status –enabled; echo $?

 

The output should return 0. Alternatively run the following command to see the loaded AppArmor profiles:

sudo aa-status

 

If for any reason AppArmor is not pre-installed, continue reading below.

Install AppArmor

sudo apt install apparmor apparmor-utils auditd

 

apparmor = main package
apparmor-utils = utilities for controlling apparmor profiles
auditd = automatic profile generation tools

To enable AppArmor run the following commands:

sudo mkdir -p /etc/default/grub.d

 

echo ‘GRUB_CMDLINE_LINUX_DEFAULT=”$GRUB_CMDLINE_LINUX_DEFAULT apparmor=1 security=apparmor”‘ | sudo tee /etc/default/grub.d/apparmor.cfg

 

sudo update-grub

 

sudo reboot

 

Then run the following command to inspect the current state:

sudo aa-status

 

This will list all loaded AppArmor profiles for applications, processes and detail their status (enforced, complain, unconfined).

For example, to check what is enforce mode, run the following command:

ps auxZ | grep -v ‘^unconfined’

 

To install profile, run the following command:

sudo apt install apparmor-profiles apparmor-profiles-extra

 

AppArmor profiles live in /etc/apparmor.d/. You can use apparmor_parser(8) to insert them into the kernel. This is done automatically when installing packages that drop policy in /etc/apparmor.d/.

For example, to set all “extra” profiles (provided in the apparmor-profiles package) to complain mode (except deny rules that are silently enforced, security policy is not enforced and access violations are logged), do the following:

cd /usr/share/doc/apparmor-profiles/extras

 

cp -i *.* /etc/apparmor.d/

 

for f in *.*;

   do aa-complain /etc/apparmor.d/$f;

done

 

To set these profiles to enforce mode, use aa-enforce instead of aa-complain. Beware though: many of these profiles are not up-to-date and will break functionality in enforce mode (and possibly even in complain mode); enforce them only if you’re ready to improve them upstream.

Disable AppArmor

First, you can disable individual profiles with aa-disable. But if you want to entirely disable AppArmor on your system, run:

sudo mkdir -p /etc/default/grub.d

 

echo ‘GRUB_CMDLINE_LINUX_DEFAULT=”$GRUB_CMDLINE_LINUX_DEFAULT apparmor=0″‘ | sudo tee /etc/default/grub.d/apparmor.cfg

 

sudo update-grub

 

sudo reboot

 

Debug AppArmor

The aa-notify command, from the apparmor-notify package, is able to provide a desktop notification whenever a program causes a DENIED message in /var/log/kern.log. Grant yourself read permissions for /var/log/kern.log by joining the adm group:

sudo adduser “$USER” adm

 

Then aa-notify should automatically start the next time you login (using /etc/xdg/autostart/apparmor-notify.desktop). If it doesn’t, start it manually:

aa-notify -p

 

If you use auditd, you should start aa-notify in this way:

sudo aa-notify -p -f /var/log/audit/audit.log

 

Diagnose if a bug might have been caused by AppArmor

The apparmor-utils package provides many useful commands to debug AppArmor. Find out if AppArmor is enabled through cat command:

cat /sys/module/apparmor/parameters/enabled

 

This will return Y if true.

Find out which profiles are enabled

sudo aa-status

 

The command above will list all loaded AppArmor profiles for applications and processes and detail their status (enforced, complain, unconfined). And,

ps auxZ | grep -v ‘^unconfined’

 

will list running executables which are currently confined by an AppArmor profile. Sometimes, it’s useful to disable a profile and to test again if the bug persists:

sudo aa-disable /etc/apparmor.d/$profile

 

e.g. sudo aa-disable /etc/apparmor.d/usr.bin.pidgin.

You can re-enable the profile in this way:

sudo aa-enforce /etc/apparmor.d/$profile

 

Verify the logs

sudo tail -f /var/log/syslog | grep ‘DENIED’

 

or (if auditd is installed):

sudo tail -f /var/log/auditd/auditd.log | grep ‘DENIED’

 

The “DENIED” lines should provide more information on what concrete process or access to the file system has been denied. Output a list of processes with tcp or udp ports that do not have AppArmor profiles loaded:

sudo aa-unconfined

 

also possible with the –paranoid parameter.

Profiles in complain mode will send ALLOWED lines in the logs for entries that would normally be DENIED in enforce mode. You can use this to tweak configurations before turning them on in enforce mode.

Hash and key verification

Why should anyone verify keys and signatures?

Most people — even programmers — are confused about the basic concepts underlying digital signatures. Therefore, most people should read this section, even if it looks trivial at first sight.

Digital signatures can both prove authenticity and integrity to a reasonable degree of certainty. Authenticity ensures that a given file was indeed created by the person who signed it (i.e. that it was not forged by a third party). Integrity ensures that the contents of the file have not been tampered with (i.e. that a third party has not undetectably altered its contents en route).

Digital signatures cannot prove any other property (e.g. that the signed file is not malicious). There is nothing that could stop someone from signing a malicious program (and it happens from time to time in reality).

The point is that we must decide who we will trust (e.g. Linus Torvalds, Microsoft, or the Parrot Project) and assume that if a given file was signed by a trusted party, then it should not be malicious or negligently buggy. The decision of whether to trust any given party is beyond the scope of digital signatures. It’s more of a sociological and political decision.

Once we decide to trust certain parties, digital signatures are useful, because they make it possible for us to limit our trust only to those few parties we choose and not to worry about all the bad things that can happen between us and them, e.g. server compromises (parrotsec.org will surely be compromised one day, so don’t blindly trust the live version of this site), dishonest IT staff at the hosting company, dishonest staff at the ISPs, Wi-Fi attacks, etc.

By verifying all the files we download that purport to be authored by a party we’ve chosen to trust, we eliminate concerns about the bad things discussed above, since we can easily detect whether any files have been tampered with (and subsequently choose to refrain from executing, installing, or opening them).

However, for digital signatures to make any sense, we must ensure that the public keys we use for signature verification are indeed the original ones. Anybody can generate a GPG key pair that purports to belong to the “Parrot OS” but of course only the key pair that we (i.e. the Parrot Team) generated is the legitimate one. The next section explains how to verify the validity of the ParrotOS signing keys in the process of verifying a Parrot OS ISO. However, the same general principles apply to all cases in which you may wish to verify a PGP signature, such as verifying repositories, not just ISOs.

Fetch the key and Verify the repositories

Optional: Complete the steps below if unfamiliar with GnuPG or if they haven’t already been performed. This will fix eventual GPG: WARNING: unsafe ownership warnings.

1. Firstly, make sure that you have GnuPG initialize your user data folder

2. Set warning free permissions

chmod –recursive og-rwx ~/.gnupg

 

3. Get the ParrotOS key

wget -q -O – https://deb.parrotsec.org/parrot/misc/parrotsec.gpg | gpg –import

 

Warning: Checking the GPG signature timestamp makes sense. For example, if you previously saw a signature from 2018 and now see a signature from 2017, then this might be a targeted rollback (downgrade) or indefinite freeze attack.

ISO Verification

md5sum hash verification

After you obtained the ISO of your choice go here: https://download.parrot.sh/parrot/iso/6.0/signed-hashes.txt to see the signed hashes.

On the first section where it says “MD5” find the hash that matches your downloaded ISO.

For the purpose of this tutorial we will use Parrot-home-6.0_amd64.iso.

Now open a terminal window and run the following command:

md5sum Parrot-home-6.0_amd64.iso

 

Compare the hash (the alphanumeric string on left) that your machine calculated with the corresponding hash on the page signed-hashes.txt linked above.

An easy way to do this is to open the page “signed-hashes.txt” in your browser, then copy the hash your machine calculated from the terminal into the “Find” box in your browser (in Firefox you can open the “Find” box by pressing CTRL + F).

When both hashes match exactly then the downloaded file is almost certainly intact. If the hashes do not match, then there was a problem with either the download or a problem with the server. You should download the file again from either the same mirror, or from a different mirror if you suspect a server error. If you continuously receive an erroneous file from a server, please be kind and notify the parrot team of that mirror so we can investigate the issue.

Other hashes

The method for other hashes such as SHA256 or SHA512 is exactly the same with the above guides only instead of md5 you must use the proper hash you want. Let’s make an example:

sha512sum Parrot-home-6.0_amd64.iso

 

Assistive Technologies

Onscreen Keyboard

To enable the onscreen keyboard please follow these steps.

From the top panel menu:

Or from the bottom panel’s searchbar write Assistive Technologies

Then

Enable assistive technologies -> click on Preferred Applications -> select Onboard keyboard -> Run at start.

Desktop Enviroments

From version 5.0 LTS, ParrotOS is available with the default MATE Desktop Environment (DE) for all editions (Home, Security). However, other desktop environments like XFCE, KDE, etc… can be installed. Each DE has its peculiarity, but we recommend trying them out before deciding what to install (keep in mind that you can install multiple DEs on one OS).

In particular, with the Architect Edition it is possible to install almost all available DEs (such as GNOME, for example).

Being a graphical interface through which the user can interact with the operating system, the possibilities to modify the various components of the DE are many. Each of the following DE gives the possibility to be customized according to one’s tastes.

The differences between all DEs mainly concern the graphical interface, any software is equally available through the Parrot repositories regardless of the DE used.

Feel free to download the edition that is useful to you!

INSTALL A DESKTOP ENVIROMENT

It may be useful to know that the user can install more DE on their Parrot, just type in a terminal:

sudo apt update && sudo apt install parrot-desktop-<desktop environment>

 

then restart your computer. In the login session you can change DE by clicking on the white dot ⚪️ (it’s the “default session”) and change DE. You can now use the newly installed DE with all the tools and configurations already present previously.

TRIM on SSD

SSD Trim allows the drive to check and delete data blocks no longer needed. This means that the drive is always ready to write new data when the old ones are being deleted and that block containing the data is no longer busy.

In order to set up SSD Trim, open the terminal and follow these steps:

  1. Identify your drive first and check if your drive supports the Trim:

$ sudo fdisk -l

$ sudo hdparm -I /dev/sdx

 

NOTE

If it’s supported, the output should contain this: Data Set Management TRIM supported

  1. Backup your fstab to a location of your choice

$ sudo cp /etc/fstab /opt/fstab.bak

 

  1. Edit fstab

$ sudo pluma /etc/fstab

 

The file should result like this:

NOTE

The UUIDs listed below are only examples.

UUID=1cd2fc4f-7d99-4c7a-8ea7-6f9a2d5e5960 /   ext4 errors=remount-ro 0

 

Attach discard, before errors=remount-ro and the final result should be this:

UUID=1cd2fc4f-7d99-4c7a-8ea7-6f9a2d5e5960 /   ext4 discard,errors=remount

Docker images for ParrotOS

Docker is a powerful technology that allows users to run containers universally on any host platform.

Docker uses template images, and allows the user to start several instances of the same template, destroy them, or build new custom templates on top of them.

Parrot uses docker to allow its users to use its vast arsenal of tools on any platform supported by docker.

Parrot Core | Parrot Security

Nmap

Metasploit

Social Engineering Toolkit

Beef-XSS

Bettercap

SQLMap

skip to usage examples

Available Templates

Whether you want to have a container full of tools, or several smaller containers with a tiny selection of tools, or even a clean Parrot environment to build yor custom stack on, this is the right place where to learn how to take advantage of the Parrot Docker workspace.

parrotsec/core

Core system with just the Parrot basics. You can use it as a start point to create your custom containers.

This image is multiarch, and works for amd64, arm64 and armhf architectures

launch the container:

docker run –rm -ti –network host -v $PWD/work:/work parrotsec/core

 

parrotsec/security

This container includes a huge collection of tools that can be used via command line from inside a docker container.

Some tools with graphical interface were excluded for obvious reasons.

This container ships with the following metapackages:

  • parrot-cloud

Launch the container:

docker run –rm -ti –network host -v $PWD/work:/work parrotsec/security

 

Individual Parrot Tools

This is a curated selection of smaller docker containers that contain only specific tools, alone or in cherry-picked collections.

Containers with shared tools are stacked on top of each other (when possible) to minimize storage waste and maximize layers reuse.

available templates:

parrotsec/nmap

based on parrot.run/core provides the following packages:

  • nmap
  • ncat
  • ndiff
  • dnsutils
  • netcat
  • telnet

usage:

docker run –rm -ti parrotsec/nmap <nmap options>

 

examples:

docker run –rm -ti parrotsec/nmap -F 192.168.1.1

 

docker run –rm -ti parrotsec/nmap -Pn 89.36.210.176

 

parrotsec/metasploit

based on parrot.run/nmap:latest provides the following packages:

  • nmap
  • metasploit-framework
  • postgresql

usage:

docker run –rm -ti –network host -v $PWD/msf:/root/ parrotsec/metasploi

 

parrotsec/set

based on parrot.run/metasploit:latest provides the following packages:

  • set

usage:

docker run –rm -ti –network host -v $PWD/set:/root/.set parrotsec/set

 

parrotsec/beef

based on parrot.run/core provides the following packages:

  • beef-xss

usage:

docker run –rm –network host -ti -v $PWD/beef:/var/lib/beef-xss parrotsec/beef

 

parrotsec/bettercap

based on parrot.run/nmap provides the following packages:

  • bettercap

usage:

docker run –rm -ti –network host parrotsec/bettercap

 

parrotsec/sqlmap

based on parrot.run/nmap provides the following packages:

  • sqlmap

usage:

docker run –rm -ti parrotsec/sqlmap <sqlmap options>

 

example:

docker run –rm -ti parrotsec/sqlmap -u parrotsec.org –wizard

Docker usages, instructions and examples

Launch a container

docker run –name pcore-1 -ti parrot.run/core

 

NOTE

the pcore-1 name is arbitrary and can be customized.

Stop the container

docker stop pcore-1

 

Resume a previously-stopped container

docker start pcore-1

 

Remove a container after use

docker rm pcore-1

 

List all the instantiated containers

docker ps -a

 

Start multiple containers

on terminal 1:

docker run –name pentest1 -ti parrot.run/security

 

on terminal 2:

docker run –name pentest2 -ti parrot.run/security

 

on terminal 3:

docker run –name msf-listener -ti parrot.run/metasploit

 

Remove all the containers

docker rm $(docker ps -qa)

 

Start a container and automatically remove it on exit

docker run –rm -ti parrot.run/core

 

Use Volumes to share files with the host:

It is a good practice to not keep persistent docker containers, but to remove them on every use and make sure to save important files on a docker volume.

The following command creates a work folder inside the current directory and mounts it in /work inside the container.

docker run –rm -ti -v $PWD/work:/work parrot.run/core

 

Use Volumes to share files across multiple containers

on terminal 1:

docker run –name pentest -ti -v $PWD/work:/work parrot.run/security

 

on terminal 2:

docker run –rm –network host -v $PWD/work:/work -ti parrot.run/security

 

on terminal 3:

docker run –rm -v $PWD/work:/work -ti parrot.run/metasploit

 

Open a port from the container to the host

Every docker container has its own network space connected to a virtual LAN.

All the traffic from within the docker container will be NATted by the host computer.

If you need to expose a port to other machines outside your local computer, use the following example:

docker run –rm -p 8080:80 -ti parrot.run/core

 

Note that the first port is the port that will be opened on your host, and the second one is the container port to bind to.

Here is a reference usage of the -p flag:

-p <host port>:<container port> (e.g. -p 8080:80)

 

-p <host port>:<container port>/<protocol> (e.g. -p 8080:80/tcp)

 

In case of multiple addresses on host network:

-p <address>:<host port>:<container port> (e.g. -p 192.168.1.30:8080:80)

 

Use network host instead of Docker NAT

Every docker container has its own network space connected to a virtual LAN.

All the traffic from within the docker container will be NATted by the host computer.

If you need to make the docker container share the same networking space of the host machine, then use the –network host flag as shown below

docker run –rm –network host -ti parrot.run/core

 

NOTE

  • Every port opened in the container will be opened on the host as well.
  • You can perform packet sniffing on the host network.
  • iptables rules applied inside the container will take effect on the host as well.

How to create a Parrot USB drive

How to create a Bootable Device

First of all, you need to download the latest ISO file from our website.

Then you can burn it using Balena Etcher or ROSA ImageWriter. They both work on GNU/Linux, Mac OS and Windows. We strongly recommend to use Etcher, but you can also use the DD command line tool if you prefer it.

The Parrot ISO uses the iso9660 format (also known as isohybrid). It is a special ISO format that contains not only the partition content, but also the partition table.

Some ISO writing programs do not write the iso bit-per-bit into the usb drive at a low level. They create a custom partition table and just copy the file in the USB drive in an unofficial and non-standard way. This behavior is against what the isohybrid was created for, and may break core system functionalities and make the system uninstallable from such USB drives.

It is highly recommended NOT to use programs like unetbootin, or any program which not isohybrid compliant.

You need a USB drive of at least 8 GB for Security Edition and 4 GB for Home Edition.

A quick summary of which tools you can use to create your Parrot USB:

Parrot USB boot procedure using Balena Etcher

Plug your USB stick into your USB port and launch Balena Etcher. Download and unzip it.

Click on .AppImage file.

Click on Flash from file. Select the Parrot ISO and verify that the USB drive you are going to overwrite is the right one.

Flash!

Once the burning is complete, you can use the USB stick as the boot device for your computer and boot Parrot OS.

Parrot USB boot procedure using DD command line tool

dd (and its derivatives) is a command line tool integrated in every UNIX and UNIX-like system, and it can be used to write the ISO file into a block device bit per bit. Due to the potential to brick your system, if you are not familiar with GNU/Linux we strongly recommend to use Etcher.

i.g.

sudo dd status=progress if=Parrot-<edition>-<version>_amd64.iso of=/dev/sdX

Parrot USB boot procedure using ROSA image writer

As mentioned at the beginning of this chapter, you can also use ROSA image writer to create your USB with Parrot. Download it from the website and extract all files. Then, click on “RosaImageWriter“:

Select the ISO and USB.

Click on Write and wait for the writing procedure to finish.

How to create persistent partition on USB

This guide shows how to create a persistent partition inside USB with ParrotOS. To do this we will use the mkusb tool.

Install mkusb

After downloading the ParrotOS .iso file from our website, download mkusb from the repository.

git clone https://github.com/sudodus/tarballs.git

 

Navigate to the downloaded folder and unpack dus-plus.tar.xz with tar:

cd tarballs && tar -xf dus-plus.tar.xz

 

NOTE

Why only dus-plus.tar.xz instead of dus.tar.xz? In short, it contains the usb-pack-efi package needed to boot the partition.

Go inside the newly extracted dus-tplus folder, and install the tool by typing:

cd dus-tplus/ && sudo ./dus-installer i

 

In the same terminal session, type dus (or open guidus from Parrot’s menu) and it will start:

NOTE

dus will ask to install the guidus GUI as well, the functionality will remain the same.

This tool can also be used to make a USB bootable, restore, format and other interesting things.

Create the persistent partition

Select install (make a boot device). Then, Persistent-live option.

Select dus-Persistent from the menu to choose the method to create the persistent partition.

Now select the .iso to install:

Select the USB where you want to install Parrot (we recommend using at least a 4GB USB key).

Select the upefi package and click ok.

You can allocate as much space as you like for the persistent partition from this window:

From here, click Go to confirm the operation. The persistent partition will be ready in a few minutes.

GRUB

This guide will give you a list of known solutions to use when you are having problems with GRUB.

NOTE

If you want to know more about GRUB:

GRUB – gnu.org

GRUB – Wikipedia

Step 1 – Pick up ParrotOS Live ISO

In order to repair GRUB:

Download the latest ParrotOS .iso, flash it onto an USB drive and boot it.

Step 2 – Disk and partition identification

Once you entered the live mode, open terminal and type

sudo fdisk -l

 

The output should be similar to this. /dev/sda is usually the first SSD or HDD. If you have an NVMe M.2, the disk will be named /dev/nvme0n1.

  • /dev/sda1 usually is the EFI partition, used for booting the OS in UEFI systems.
  • /dev/sda2 is ParrotOS partition.

Step 3 – Create the mount folder

A mount folder is needed to perform this operation. So, in the same terminal window, type:

mkdir /mnt

 

This is the main folder. Next type:

mkdir /mnt/boot

 

followed by:

mkdir /boot/efi

 

Which creates the directory used for mounting the EFI partition. This is needed for installing the correct GRUB package.

Step 4 – Mount Partitions

Now it’s time to mount the partitions. In the same terminal window, type

sudo mount -o subvol=@ /dev/sda2 /mnt

 

NOTE

This is needed since ParrotOS default filesystem is btrfs and it has subvolumes enabled.

Mount the dev, proc, sys folders and the EFI partion in order to get access to the system.

In the same terminal window, type

sudo mount –bind /dev /mnt/dev

 

sudo mount –bind /proc /mnt/proc

 

sudo mount –bind /sys /mnt/sys

 

sudo mount /dev/sda1 /mnt/boot/efi

 

Step 5 – Chrooting and installing GRUB

Time to enter the system. In the same terminal window, type

sudo chroot /mnt

 

Once in chroot environment, type

grub-install /dev/sda

 

After the installation is finished, type exit so as to exit the chroot environment.

Step 6 – Unmounting partitions and rebooting system

After exiting the chroot environment, unmount all of the partitions and folders used. In the same terminal window type:

sudo umount /mnt/dev

 

sudo umount /mnt/proc

 

sudo umount /mnt/sys

 

sudo umount /mnt/boot/efi

 

sudo umount /mnt

 

Type reboot and press enter. You should now have a restored GRUB working flawlessly.

AnonSurf

AnonSurf is Parrot’s anonymous mode wrapper to force connections through Tor. It is written in Nim Language and uses GTK libraries so it can be used via a graphical interface (GUI) and a CommandLine Interface (CLI).

It can be used on ParrotOS and it is pre-installed on both main editions (Home and Security). It can be started from the Parrot menu, going to Applications and then Privacy:

To start it, press Start, and to verify that everything is working, you can click on My IP and Details.

Clicking on Tor Stats will show all the details about the current use being made under the Tor network.

With Change Identity you will switch to another exit node:

AnonSurf CLI

Technical details

AnonSurf works on iptables forcing applications to use the Tor network. iptables is an integrated firewall in the Linux kernel that allows the incoming and outgoing passage of all packages, then Tor is used to perform the tunneling of all the user’s traffic in an anonymous way.

Since version 3.2.0, AnonSurf has been rewritten, with a new code structure. The new versions are available here and you can try them by following this guide:

First of all, being written in Nim, some dependencies need to be installed:

sudo apt install nim

 

sudo apt install libnim-gintro-dev

 

Then you can download the anonsurf source:

cd anonsurf/

 

make build

 

make install

 

Some information about Tor

  • Tor is a SOCKS4/SOCKS5 encryption protocol.
  • Tor tunnels all traffic running across the users network anonymously.
  • Tor conceals a user’s location and network data from anyone monitoring the user locally, and remotely.

Tor Has Several Use Cases

  • Used with on the browser (torbrowser)
  • IRC clients (like hexchat)
  • Instant messanging (torchat, tormessanger)
  • Hidden servers (Creating .onion sites)

Tor Technical Details

  • The Tor protocol works by multiplexing [1] multiple “circuits” over a single node-to-node TLS connection.
  • Tor traffic is routed through 3 nodes by default: Guard, relay, and exit.

[1] To be able to route multiple relays, Tor has something called stream multiplexing capability:

  • multiple TCP connections can be carried over a single Tor circuit.
  • Each node knows only the source and destination pairing for a circuit. It does not know the whole path.

Nmap

Nmap or Network Mapper is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping). Nmap’s power can be summarized as follows:

  • Flexible
  • Powerful
  • Portable
  • Easy
  • Free
  • Well Documented
  • Supported
  • Acclaimed
  • Popular

Sample nmap command

nmap -A -T4 scanme.nmap.org

 

Nmap option summary

If you want to get a summary of nmap’s command just run nmap without any command like this:

nmap

 

Nmap Host discovery

One of the very first steps in any network reconnaissance mission is to reduce a (sometimes huge) set of IP ranges into a list of active or interesting hosts. Scanning every port of every single IP address is slow and usually unnecessary. Of course what makes a host interesting depends greatly on the scan purposes. Network administrators may only be interested in hosts running a certain service, while security auditors may care about every single device with an IP address. An administrator may be comfortable using just an ICMP ping to locate hosts on his internal network, while an external penetration tester may use a diverse set of dozens of probes in an attempt to evade firewall restrictions

# (List Scan)

nmap  -sL

 

# (No port scan)

nmap  -sn

 

# (No ping)

nmap  -Pn

 

# (TCP SYN Ping)

nmap  -PS <port list>

 

# (TCP ACK Ping)

nmap -PA <port list>

 

# (UDP Ping)

nmap  -PU <port list>

 

# (SCTP INIT Ping)

nmap  -PY <port list>

 

# (ICMP Ping Types)

nmap  -PE; -PP; -PM

 

# (IP Protocol Ping)

nmap  -PO <protocol list>

 

# (No ARP or ND Ping)

nmap  –disable-arp-ping

 

# (Trace path to host)

nmap  –traceroute

 

# (No DNS resolution)

nmap  -n

 

# (DNS resolution for all targets)

nmap  -R

 

# (Scan each resolved address)

nmap  –resolve-all

 

# (Use system DNS resolver)

nmap  –system-dns

 

# (Servers to use for reverse DNS queries)

nmap  –dns-servers <server1>[,<server2>[,…]]

 

Nmap Port Scanning Basics

While Nmap has grown in functionality over the years, it began as an efficient port scanner, and that remains its core function. The simple command nmap target scans 1,000 TCP ports on the host target. While many port scanners have traditionally lumped all ports into the open or closed states, Nmap is much more granular. It divides ports into six states: open, closed, filtered, unfiltered, open|filtered, or closed|filtered.

These states are not intrinsic properties of the port itself, but describe how Nmap sees them. For example, an Nmap scan from the same network as the target may show port 135/tcp as open, while a scan at the same time with the same options from across the Internet might show that port as filtered

Six port states recognized by Nmap

  • open

An application is actively accepting TCP connections, UDP datagrams or SCTP associations on this port. Finding these is often the primary goal of port scanning. Security-minded people know that each open port is an avenue for attack. Attackers and pen-testers want to exploit the open ports, while administrators try to close or protect them with firewalls without thwarting legitimate users. Open ports are also interesting for non-security scans because they show services available for use on the network.

  • closed

A closed port is accessible (it receives and responds to Nmap probe packets), but there is no application listening on it. They can be helpful in showing that a host is up on an IP address (host discovery, or ping scanning), and as part of OS detection. Because closed ports are reachable, it may be worth scanning later in case some open up. Administrators may want to consider blocking such ports with a firewall. Then they would appear in the filtered state, discussed next.

  • filtered

Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port. The filtering could be from a dedicated firewall device, router rules, or host-based firewall software. These ports frustrate attackers because they provide so little information. Sometimes they respond with ICMP error messages such as type 3 code 13 (destination unreachable: communication administratively prohibited), but filters that simply drop probes without responding are far more common. This forces Nmap to retry several times just in case the probe was dropped due to network congestion rather than filtering. This slows down the scan dramatically.

  • unfiltered

The unfiltered state means that a port is accessible, but Nmap is unable to determine whether it is open or closed. Only the ACK scan, which is used to map firewall rulesets, classifies ports into this state. Scanning unfiltered ports with other scan types such as Window scan, SYN scan, or FIN scan, may help resolve whether the port is open

  • open|filtered

Nmap places ports in this state when it is unable to determine whether a port is open or filtered. This occurs for scan types in which open ports give no response. The lack of response could also mean that a packet filter dropped the probe or any response it elicited. So Nmap does not know for sure whether the port is open or being filtered. The UDP, IP protocol, FIN, NULL, and Xmas scans classify ports this way.

  • closed|filtered

This state is used when Nmap is unable to determine whether a port is closed or filtered. It is only used for the IP ID idle scan.

Not shown: 995 filtered ports

PORT     STATE  SERVICE

80/tcp   open   http

113/tcp  closed ident

443/tcp  open   https

8080/tcp open   http-proxy

8443/tcp open   https-alt

 

Nmap done: 1 IP address (1 host up) scanned in 18.57 seconds

# Notice the STATE

rclone

rclone is a CLI tool that makes it easier to manage and sync files and directories in cloud storage and remote systems. It’s officially supported by Google Drive, Dropbox, Amazon S3, and many other services.

Common rclone use cases:

  • Mounting a remote: Mount a remote storage system as a local filesystem using rclone mount.
  • Filters and Exclusions: Use filters to include or exclude files based on patterns.
  • Limit bandwidth on transfer: Limit the transfer rate to avoid using excessive bandwidth.
  • Encrypt files and Cache: Use the crypt backend to encrypt files and the cache backend to cache files for faster access.
  • Schedule Backups: Schedule rclone commands using cron jobs or other task scheduling mechanisms.

Let’s see in detail how to use rclone.

First, open a terminal window and launch

sudo apt update && sudo apt install rclone

 

This will install rclone in your system. Now it needs to be configured:

rclone config

 

The configuration wizard will ask for the remote name, storage type, and credentials (whether they are API keys, authentication tokens, etc.), so be sure to check the instructions given by your provider and take note of these credentials. After that, rclone is ready to be used.

Basic Usage

NOTE

It’s good practice to test every command by attaching the –dry-run flag. After ensuring that everything is okay, repeat the command without –dry-run option.

  1. List all of the remotes configured

rclone listremotes

 

  1. Copy files from source storage to destination storage

rclone copy source:path dest:path

 

where source:path is the source storage and dest:path is the remote storage of destination (e.g a personal folder sent to a remote, or a file sent from a remote to another)

  1. Sync storage

rclone sync source:path dest:path

 

  1. List all of the files in a remote

rclone ls remote:path

 

  1. Delete all files from a specific path in the remote

rclone delete remote:path

 

Wget

Wget is a CLI tool which lets you download files and use REST API interactively. It supports HTTP, HTTPS, FTP and FTPS.

Here’s some most common use cases:

  • Direct File Download

wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.39.2.tar.bz2

 

Launching this command will download directly the file inside the folder where the command has been launched. This is the basic command.

  • Background download wget -b

wget -b http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.39.2.tar.bz2

 

This option is very useful when starting a download on a remote machine via SSH. It will initiate the download in background, allowing the user to disconnect from the terminal once the command is launched.

  • Resuming interrupted or partially broken downloads wget -c

wget -c http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.39.2.tar.bz2

 

A very useful command for downloading large files that may be interrupted before the complete download. Additionally, if a file with the same name as the one being downloaded already exists, the option is able to check its size and start downloading the remaining part of the file instead of downloading it again.

  • Maximum number of attempts wget –tries

wget –tries=10 http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.39.2.tar.bz2

 

It can happen to encounter a particularly slow or crowded server. Therefore, it is necessary to set a maximum number of attempts to avoid getting stuck on this download. In this example, the maximum number of attempts has been set to 10.

  • Multiple Download wget -i

wget -i input.txt

 

A very powerful option. User can provide a text file as input to wget containing a series of URLs. The utility will sequentially download all the resources that the links listed in the text file point to, in this case is input.txt

  • Limiting download speed wget –-limit-rate=

wget –limit-rate=1k http://www.kernel.org/pub/linux/kernel/v3.0/testing/patch-3.0-rc4.bz2

 

If you need to limit the amount of bandwidth for downloads, wget allows the user to do so with the “limit-rate” option, and in the example shown, the limit has been set to 1kB/s.

  • Download with proxy enabled

To download through a proxy, it’s not necessary to use any strange options but rather set an environment variable called http_proxy. To do this, the syntax is as follows:

export http_proxy=”http://myproxyserver:8080″

 

The address http://myproxyserver:8080 represents the proxy server with the communication port. If it’s necessary to authenticate and use the proxy, then the syntax is as follows:

export http_proxy=”http://username:password@myproxyserver:8080″

Mirrors

The Parrot Project not only delivers a ready-to-use system in the ISO format, but it also provides a vast amount of additional software that can be installed apart from the official parrot repository.

The Parrot repository is used to provide officially supported software, system updates and security fixes.

The mirrors network

The software in the parrot archive is delivered in form of deb packages, and these packages are served through a vast network of mirror servers that provide the same set of packages distributed all around the world for faster software delivery.

The Parrot system is configured to use the central parrot archive directors. The Parrot directors are special servers that collect all the requests of the end users and redirect them to the geographically nearest download server available for the user who made the request.

If you want and can, you can make your own mirror for Parrot following this procedure.

Security measures

The Parrot Mirror Network is secured by centralized digital signatures and the mirrors can’t inject fake updates.

If an evil mirror tries to inject a fake package, the Parrot system will automatically refuse to download and install it, and will raise an alert message.

This security measure implemented in APT (the Parrot/Debian package manager) is very efficient and reliable because digital signatures are applied offline by the Parrot archive maintainer, and not by the mirror servers, ensuring direct and secure developer-to-user chain of trust.

Configuration and custom setup

The APT package manager uses /etc/apt/sources.list and any .list file found in the /etc/apt/sources.list.d/ directory.

NOTE

/etc/apt/sources.list is EMPTY and the default APT configuration is located at /etc/apt/sources.list.d/parrot.list

Content of /etc/apt/sources.list.d/parrot.list

deb https://deb.parrot.sh/parrot lory main contrib non-free non-free-firmware

deb https://deb.parrot.sh/parrot lory-security main contrib non-free non-free-firmware

deb https://deb.parrot.sh/parrot lory-backports main contrib non-free non-free-firmware

#deb-src https://deb.parrot.sh/parrot lory main contrib non-free non-free-firmware

#deb-src https://deb.parrot.sh/parrot lory-security main contrib non-free non-free-firmware

#deb-src https://deb.parrot.sh/parrot lory-backports main contrib non-free non-free-firmware

 

Updates/Testing purpose

The ‘parrot-updates’ repository provides updates before they are made available to ‘parrot’. This repo is mostly meant to be used by developers and beta testers to extensively test updates before they are migrated to the main repository.

We suggest to not enable it, as it may introduce untested bugs and make the system unstable. Updates are delivered as fast as possible (within a week), so you are not missing anything important with this disabled (unless you are a dev):

deb https://deb.parrot.sh/parrot lory-updates main contrib non-free non-free-firmware

Make your own mirror

You can set up a Parrot archive mirror on your server for personal or public usage by following the steps below.

Make sure to have enough free space

You can sync the entire repository or pick just the ISO images.

Make sure to have enough free space to host a mirror, and be ready for future upgrades as the archive size fluctuates.

The current archive size is available here archive.parrotsec.org/parrot/misc/archive-size.txt

Dockerized Setup

We have a provided docker image located at registry.gitlab.com/parrotsec/project/parrot-mirror-docker:main, you may use our suggested docker compose file:

services:

 parrot-mirror:

   image: registry.gitlab.com/parrotsec/project/parrot-mirror-docker:main

   ports:

     – “8000:80” # Port Exposed for HTTP, container port is 80

     – “873:873” # Rsync Daemon Port

   volumes:

     – ./mirror-tmp:/mirror # Where do you want the mirror files to be stored? Must be mapped to /mirror internally.

   environment:

     SOURCE: “rsync://rsync.parrot.sh:/parrot” # Where the mirror should sync from

     BWLIMIT: “0” # Bandwidth limit for rsync

 

Please change the configuration noted as applicable for your setup. The volume must be mounted at /mirror, unless you rebuild the container and change the relevant configuration.

Helm Chart

A Helm Chat chart is also availble, and can be installed as follows:

  1. Add the Helm Repo helm repo add 0xemma https://0xemma.github.io/helm-charts
  2. helm install parrot-mirror 0xemma/parrot-mirror

You may change the values.yaml as needed to match your setup.

Manual Setup

Choose the upstream server

We handle several domains for repository syncing services, we suggest you use rsync.parrot.sh for automatic and failproof setups, but upstream settings can be adjusted in case of specific needs.

Feel free to contact the Parrot team if you have specific mirroring needs or bandwidth limitations. We can provide you dedicated upstream sources or professional support for your mirror.

Main Mirror Director:

   rsync.parrot.sh

 

Global Zones (read the notes):

   EMEA:

       emea.rsync.parrot.sh

   NCSA:

       ncsa.rsync.parrot.sh

   APAC:

       apac.rsync.parrot.sh

 

Single archives may be unavailable or replaced from time to time.

rsync.parrot.sh is automatically balanced between all the available mirrors and will give you zero downtimes.

Download the archive

If you sync the entire archive with the below instructions, you do NOT need to synchronize the ISO archive. ISO files are included by default!

Sync the repository

rsync -Pahv –delete-after rsync://rsync.parrot.sh:/parrot /var/www/html/parrot

 

Configure a cronjob

launch the following command:

crontab -e

 

and add the following content to the crontab file:

*/10 * * * * flock -xn /tmp/parrot-rsync.lock -c ‘rsync -aq –delete-after rsync://rsync.parrot.sh:/parrot /var/www/html/parrot’

 

Download the ISO archive only

Do not sync the ISO archive if you are already synchronizing the full archive with the above instructions. ISO files are already provided with the instructions in the precedent paragraph.

use the following instructions if you want to sync only the ISO files.

Sync the repository

rsync -Pahv –delete-after rsync://rsync.parrot.sh:/parrot-iso /var/www/html/parrot

 

Configure a cronjob

launch the following command:

crontab -e

 

and add the following content to the crontab file:

30 2 * * * flock -xn /tmp/parrot-rsync.lock -c ‘rsync -aq –delete-after rsync://rsync.parrot.sh:/parrot-iso /var/www/html/parrot’

 

Expose your mirror via rsync

Your mirror can be exposed via rsync to allow other people to sync from you and to allow our mirror director to periodically scan your mirror and perform indexing and health checks.

Rsync exposure is mandatory to add your mirror to our official list.

The following instructions will set up rsync and expose the parrot archive in compliance with our standards on a debian/ubuntu server. Minor adjustments are required for other non-apt systems.

install rsync with:

sudo apt install rsync

 

edit /etc/rsyncd.conf with nano:

sudo nano /etc/rsyncd.conf

 

paste the following settings in the config file and save it:

[parrot]

       comment = Parrot OS – full archive [rsync.parrot.sh/parrot]

       path = /var/www/html/parrot/

       hosts allow = *

       #hosts deny = *

       list=true

       uid=www-data

       gid=www-data

       read only = yes

       use chroot=yes

       dont compress # for better performance

 

[parrot-iso]

       comment = Parrot OS – ISO files only [rsync.parrot.sh/parrot-iso]

       path = /var/www/html/parrot/

       exclude = pool dists

       hosts allow = *

       list=true

       uid=www-data

       gid=www-data

       read only = yes

       use chroot=yes

       dont compress

 

Enable the rsync service:

sudo systemctl enable rsync

 

Start the rsync service:

sudo service rsync start

 

Make your mirror official

If you want your mirror to be added to our official mirrors list and to our mirror directors, email us at [email protected].



 

Leave a Comment

Your email address will not be published. Required fields are marked *

Treyzz
Services
Courses
Shopping
Scroll to Top