ParrotOS Basics

What is ParrotOS?

ParrotOS is a Debian-based Linux distribution designed for security testing, digital forensics, reverse engineering, and privacy protection. It comes pre-installed with hundreds of security tools, making it ideal for penetration testers and security professionals.

Why ParrotOS?

Advantages

• Lightweight: Runs efficiently on older hardware
• Privacy-focused: Built with anonymity in mind
• Comprehensive toolset: 600+ security tools pre-installed
• Regular updates: Active development and security patches
• User-friendly: Easier for beginners than Kali Linux
• Multiple editions: Home, Security, HTB (Hack The Box)

ParrotOS vs Kali Linux

Feature	ParrotOS	Kali Linux
Base	Debian Testing	Debian Testing
Resource Usage	Lighter	Heavier
Desktop	MATE/KDE	XFCE/KDE/GNOME
Target Audience	Broader	Pen-testers
Privacy Tools	More	Fewer

Installation

System Requirements

• Minimum: 512MB RAM, 20GB disk
• Recommended: 2GB RAM, 40GB disk, dual-core CPU

Installation Methods

1. Live USB: Boot without installing
2. Full Installation: Install to hard drive
3. Virtual Machine: VMware/VirtualBox
4. Dual Boot: Alongside Windows/macOS

Post-Installation Setup

# Update system
sudo apt update && sudo apt upgrade -y

# Update tool repositories
sudo parrot-upgrade

# Install additional tools
sudo apt install -y tool-name

Desktop Environment

ParrotOS uses MATE desktop by default:

• Menu: Access applications
• Terminal: Ctrl+Alt+T
• File Manager: Caja
• Text Editor: Pluma

Pre-installed Tool Categories

Information Gathering

• Nmap: Network scanner
• Recon-ng: Reconnaissance framework
• TheHarvester: Email/subdomain gathering
• Maltego: OSINT and forensics

Vulnerability Analysis

• OpenVAS: Vulnerability scanner
• Nikto: Web server scanner
• SQLMap: SQL injection tool
• Burp Suite: Web application testing

Wireless Attacks

• Aircrack-ng: WiFi security auditing
• Wifite: Automated wireless attack tool
• Kismet: Wireless network detector
• Reaver: WPS attack tool

Exploitation

• Metasploit: Exploitation framework
• BeEF: Browser exploitation
• Social Engineering Toolkit: Social engineering attacks

Password Attacks

• John the Ripper: Password cracker
• Hashcat: Advanced password recovery
• Hydra: Network login cracker
• CeWL: Custom wordlist generator

Forensics

• Autopsy: Digital forensics platform
• Volatility: Memory forensics
• Binwalk: Firmware analysis
• Foremost: File recovery

Essential ParrotOS Commands

System Management

# Check ParrotOS version
cat /etc/os-release

# Update ParrotOS
sudo parrot-upgrade

# Start/stop services
sudo systemctl start service-name
sudo systemctl stop service-name
sudo systemctl status service-name

# View system logs
sudo journalctl -xe

Network Configuration

# View network interfaces
ip addr show
ifconfig

# Enable/disable interface
sudo ifconfig eth0 up
sudo ifconfig eth0 down

# Change MAC address
sudo ifconfig eth0 down
sudo macchanger -r eth0
sudo ifconfig eth0 up

# Configure static IP
sudo nano /etc/network/interfaces

Tool Management

# Search for tools
apt search keyword

# Install tool
sudo apt install tool-name

# Remove tool
sudo apt remove tool-name

# Update tool database
sudo updatedb

AnonSurf - Anonymous Browsing

ParrotOS includes AnonSurf for anonymous internet browsing:

# Start anonymous mode
sudo anonsurf start

# Stop anonymous mode
sudo anonsurf stop

# Check status
sudo anonsurf status

# Change Tor identity
sudo anonsurf change

Warning: AnonSurf routes all traffic through Tor, which can be slow.

Workspace Organization

Create Project Structure

mkdir -p ~/pentesting/{recon,scanning,exploitation,reporting}
mkdir -p ~/tools/{custom,scripts}
mkdir -p ~/wordlists

Best Practices

1. Organize by engagement: Create folders for each target
2. Document everything: Keep detailed notes
3. Backup regularly: Use external drives or cloud
4. Use version control: Git for scripts and notes
5. Clean up: Remove sensitive data after engagements

Customization

Terminal Customization

# Install ZSH
sudo apt install zsh

# Install Oh My Zsh
sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"

# Change theme
nano ~/.zshrc
# Set ZSH_THEME="agnoster"

Useful Aliases

# Add to ~/.bashrc or ~/.zshrc
alias ll='ls -lah'
alias update='sudo apt update && sudo apt upgrade -y'
alias ports='netstat -tulpn'
alias myip='curl ifconfig.me'

Security Best Practices

1. Keep system updated: Regular updates prevent exploits
2. Use strong passwords: For root and user accounts
3. Enable firewall: sudo ufw enable
4. Encrypt sensitive data: Use LUKS or VeraCrypt
5. VPN usage: Additional layer of privacy
6. Disable unnecessary services: Reduce attack surface
7. Regular backups: Protect your work

Common Issues and Solutions

Issue: Tools not working

# Update tool database
sudo apt update
sudo parrot-upgrade

Issue: Network not working

# Restart network manager
sudo systemctl restart NetworkManager

Issue: Display problems

# Reinstall display drivers
sudo apt install --reinstall xserver-xorg

Practice Environment Setup

Local Lab

1. Install VirtualBox/VMware
2. Create vulnerable VMs (Metasploitable, DVWA)
3. Set up isolated network
4. Practice safely

Online Platforms

• Hack The Box: Realistic pentesting labs
• TryHackMe: Guided learning paths
• PentesterLab: Web application security
• VulnHub: Downloadable vulnerable VMs

Next Steps

After mastering ParrotOS basics:

1. Learn networking fundamentals
2. Practice with CTF challenges
3. Study penetration testing methodologies
4. Get hands-on with vulnerable machines
5. Consider certifications (CEH, OSCP, eJPT)

Resources

• Official Documentation: https://parrotsec.org/docs/
• Community Forum: https://community.parrotsec.org/
• Tool Documentation: man tool-name
• Video Tutorials: YouTube channels on ethical hacking