Verified Commit 9cf34546 authored by Lorenzo "Palinuro" Faletra's avatar Lorenzo "Palinuro" Faletra
Browse files

update documentation

parent 92141c7d
......@@ -14,7 +14,7 @@ Penetration testing is a time intensive job, maintaining your toolkit shouldn't
be also. We make it easier for professionals to accomplish the important stuff
by reducing the time and effort wasted making sure their tools work.
Not sure if Parrot is for you? Check out "[Should I use Parrot?](https://docs.parrotlinux.org/intro/what-is-parrot/#should-i-use-parrot)" to be sure.
Not sure if Parrot is for you? Check out "[Should I use Parrot?](https://docs.parrotsec.org/intro/what-is-parrot/#should-i-use-parrot)" to be sure.
### What is the default live password?
......@@ -52,6 +52,28 @@ Then click on the button to update the packages list.
Click on the other button to select the upgrades and finally apply the changes.
### Security or Home edition, which one should i choose?
Parrot Home Edition and Parrot Security Edition are identical, and the only difference between them is the set of software that comes pre-installed.
Parrot OS Home Edition comes with **no** security tools, while Parrot OS Security Edition comes with all the hacking and pentest tools pre-installed.
You can install Parrot Home and install only the hacking tools you actually need, or you can install all of them at once with `sudo apt install parrot-tools-full`
You can also install Parrot Home as your primary OS and then install the Security Edition as a virtual machine to isolate your home environment form your working one.
### MATE or KDE, which one should i choose?
MATE is our primary Desktop Environment and it is what we consider to be the default one.
If you don't know which one to choose, go with the MATE edition.
KDE Plasma is another Desktop Environment with a different look and feel that you can try if the MATE edition is not for you.
We also support other desktop environments like XFCE and i3, but these are experimental and it is up to you to customize them to fit your needs.
### Why isn't $toolname installed?
We have a set of prerequisites to check before a tool makes its way into our repositories such as:
......@@ -75,11 +97,11 @@ If the answers were “Yes” we're more than glad to take your request via our
### Where can bugs be submitted?
If the bug involves a specific piece of software maintained by Parrot, then search the project on our [Dev Portal](https://nest.parrot.sh/) and open an issue.
If the bug involves a specific piece of software maintained by Parrot, then search the project on our [Dev Portal](https://nest.parrotsec.org/) and open an issue.
If the bug involves a software package that is not listed, then you should contact the maintainer of that particular software.
If you are not sure what software is involved, or if you don't know how to contact the upstream developer, then contact us on our [Community Portal](https://community.parrotlinux.org/c/development/)
If you are not sure what software is involved, or if you don't know how to contact the upstream developer, then contact us on our [Community Portal](https://community.parrotsec.org/c/development/)
### What should my sources.list look like?
......@@ -153,7 +175,7 @@ There are several and we think you should try both to really get a solid feeling
### Can I contribute to this FAQ?
Of course! The pages are written in Markdown and can be accessed [here](https://nest.parrotsec.org/parrot-organization/documentation/blob/master/docs/faq.md).
Of course! The pages are written in Markdown and can be accessed [here](https://nest.parrotsec.org/org/documentation/blob/master/docs/faq.md).
 
......
# Home
For the Parrot Project homepage, visit [parrotlinux.org](https://parrotlinux.org).
For the Parrot Project homepage, visit [parrotsec.org](https://parrotsec.org).
An important part of any operating system is documentation, the technical manuals which describe the operation and use of programs. As part of its efforts to create a high-quality free operating system, the Parrot Project is making every effort to provide all of its users with proper documentation in an easily accessible form.
The documentation is a continuous work in progress, and all Parrot users are invited to contribute to the creation and translation process of this portal.
![screenshot](https://docs.parrotlinux.org/img/screenshot.png)
![screenshot](https://docs.parrotsec.org/img/screenshot.png)
 
......
......@@ -10,7 +10,7 @@ NOTE: Currently a WIP (work in progress, some links might not work and some docu
## What is Firejail
Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table.
Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table and system files, and it is used to allow a program to access only the resources it needs to work in order to remove elements commonly used in system exploitation or reduce the attack surface and limit the damage caused by a successful attack even in 0day exploits are involved.<
Written in C with virtually no dependencies, the software runs on any Linux computer with a 3.x kernel version or newer. The sandbox is lightweight, the overhead is low. There are no complicated configuration files to edit, no socket connections open, no daemons running in the background. All security features are implemented directly in Linux kernel and available on any Linux computer. The program is released under GPL v2 license.
......@@ -20,7 +20,20 @@ firejail firefox
```
Firejail uses profiles to set the security protections for each of the applications executed inside of it - you can find the default profiles in /etc/firejail/application.profile. Should you require custom profiles for applications not included, or wish to modify the defaults, you may place new rules or copies of the defaults in the ~/.config/firejail/ directory. You may have multiple custom profile files for a single application, and you may share the same profile file among several applications.
If firejail does not have a profile for a particular application, it uses its restrictive system-wide default profile. This can result in the application not functioning as desired, without first creating a custom, and less restrictive profile.
If firejail does not have a profile for a particular application, it uses its restrictive system-wide default profile. This can result in the application not functioning as desired, without first creating a custom, and less restrictive profile.
## Installing Firejail
Firejail used to be pre-installed in Parrot, but in more recent versions you have to install it by yourself.
Firejail was a very effective and easy to implement sandboxing technology, but its impact in system usability was huge, and Parrot decided to adopt other sandboxing solutions (like Apparmor) and leave firejail only for the brave hearts.
Use the following commands to install Firejail
```bash
sudo apt update
sudo apt install firejail firejail-profiles
```
## Using Firejail
......@@ -225,4 +238,4 @@ See also
[Firejail GitHub project page[(https://github.com/netblue30/firejail)]
&nbsp;
[Using Parrot](https://docs.parrotlinux.org/info/start/) | [Troubleshooting](https://docs.parrotlinux.org/trbl/start/) | [Linux Beginner Guide](https://docs.parrotlinux.org/library/lbg-basics/) | [Home](https://docs.parrotlinux.org/)
\ No newline at end of file
[Using Parrot](https://docs.parrotlinux.org/info/start/) | [Troubleshooting](https://docs.parrotlinux.org/trbl/start/) | [Linux Beginner Guide](https://docs.parrotlinux.org/library/lbg-basics/) | [Home](https://docs.parrotlinux.org/)
......@@ -15,7 +15,7 @@ visible: true
&nbsp;
### If you can't find the answer here, or in our [FAQ](https://docs.parrotlinux.org/faq/) please post on the [forum](https://community.parrotsec.org/c/support/)
### If you can't find the answer here, or in our [FAQ](https://docs.parrotsec.org/faq/) please post on the [forum](https://community.parrotsec.org/c/support/)
&nbsp;
---
......@@ -24,7 +24,7 @@ If you've never used Linux we suggest you look at this course by the Linux found
</b>
NOTE: Currently a WIP (work in progress, some links might not work and some documentation is likely missing.)<br>
(looking for how to install? see [here](https://docs.parrotlinux.org/getting-started/start/))
(looking for how to install? see [here](https://docs.parrotsec.org/getting-started/start/))
### Setup and Configuration
- [System Requirements](system-requirements.md)
......@@ -71,4 +71,4 @@ Looking for Dev resources?
&nbsp;
[Using Parrot](https://docs.parrotlinux.org/info/start/) | [Troubleshooting](https://docs.parrotlinux.org/trbl/start/) | [Linux Beginner Guide](https://docs.parrotlinux.org/library/lbg-basics/) | [Home](https://docs.parrotlinux.org/)
\ No newline at end of file
[Using Parrot](https://docs.parrotlinux.org/info/start/) | [Troubleshooting](https://docs.parrotlinux.org/trbl/start/) | [Linux Beginner Guide](https://docs.parrotlinux.org/library/lbg-basics/) | [Home](https://docs.parrotlinux.org/)
......@@ -10,11 +10,11 @@ visible: true
&nbsp;
**ParrotOS** (Parrot Security, ParrotOS) is a free and open source GNU/Linux distribution based on [Debian Testing](https://www.debian.org/releases/testing/) designed for security experts, developers and privacy aware people.
**Parrot Security** (Parrot OS, Parrot) is a free and open source GNU/Linux distribution based on [Debian Testing](https://www.debian.org/releases/testing/) designed for security experts, developers and privacy aware people.
It includes a full portable arsenal for IT security and digital forensics operations, but it also includes everything you need to develop your own programs or protect your privacy while surfing the net.
The operating system ships with the MATE desktop environment preinstalled and is available in several flavors to fit your needs.
The operating system ships by default with either MATE or KDE desktop environments and is available in several flavors to fit your needs.
![macaw-poly](https://docs.parrotlinux.org/img/macaw-poly.jpg)
......@@ -28,11 +28,11 @@ The operating system ships with the MATE desktop environment preinstalled and is
### History and Team
The first public release appeared on April 10th, 2013 as the result of the work of **Lorenzo Faletra** who continues to lead development.
The first public release appeared on April 10th, 2013 as the result of the work of [**Lorenzo Faletra**](https://palinuro.dev) who continues to lead development.
Originally developed as part of Frozenbox, the effort has grown to include a community of open source developers, professional security experts, advocates of digital rights, and Linux enthusiasts from all around the globe.
Originally developed as part of Frozenbox (a community forum by the same creator of Parrot), the effort has grown to include a community of open source developers, professional security experts, advocates of digital rights, and Linux enthusiasts from all around the globe.
The project is headquartered in Palermo, Italy and it is supported by an international team of experts and enthusiasts.
The project is headquartered in Palermo, Italy and governed by Parrot Security CIC, a community interest company registered in the UK.
---
......@@ -40,18 +40,7 @@ The project is headquartered in Palermo, Italy and it is supported by an interna
The system is designed to be familiar for the security expert and easy to use for the new entry student, but it does not try to hide its internals as other general purpose distributions try to do.
**Parrot can be used as a daily system**, and it provides all the programs for the day to day tasks, including dedicated system flavors that don't ship security tools.
&nbsp;
&nbsp;
---
### Secure Sandboxed Environment
People familiar with other pentest distributions may notice that Parrot is quite unique, as **it does not allow direct root logins** for safety reasons (root can only be used with sudo), and it provides its own sandbox system by combining [Firejail](https://firejail.wordpress.com) and [AppArmor](https://wiki.ubuntu.com/AppArmor) with custom security profiles.
**Parrot can be used as a daily system**, and it provides all the programs for the day to day tasks, including a dedicated edition of the system (Parrot HOME) that don't include security tools.
&nbsp;
......@@ -84,7 +73,7 @@ In this section we will explain how different is Parrot compared to other genera
<img src="https://docs.parrotlinux.org/img/parrot.svg" width="200">
<img src="https://docs.parrotsec.org/img/parrot.svg" width="200">
### General purpose distributions
......@@ -111,13 +100,15 @@ Our goal is to allow any professional pentester to make a whole security test fr
### Secure distributions
Parrot includes its own sandbox system obtained with the combination of [Firejail](https://firejail.wordpress.com) and [AppArmor](https://wiki.ubuntu.com/AppArmor) with custom security profiles.
Parrot Security ships with custom hardening profiles and configurations for [AppArmor](https://wiki.ubuntu.com/AppArmor) and other linux hardening technologies, and takes inspiration from the success of other projects that deliver the highest level of security in the GNU/Linux scenario, like [Tails](https://tails.boum.org) and [Whonix](https://www.whonix.org) to sandbox the system and deliver a layer of security above the average.
User applications in Parrot are **protected** and **"jailed"** to limit the damages in case the system is compromised.
All this additional security comes with a cost: it is harder to adopt bad behaviors on Parrot. For instance it is not possible to log in as root with the whole desktop environment, or to start critical applications like browsers, media players or advanced document readers with unnecessary privileged permissions.
All this additional security comes with a cost: it is harder to adopt bad behaviors on Parrot. For instance **it is not possible to log in as root** with the whole desktop environment, or to start critical applications like browsers, media players or advanced document readers with unnecessary privileged permissions.
The user can still open root consoles, launch security tools with privileged permissions and use the system without limits. The only thing that changes is that all the critical user applications are now protected from very bad behaviors and common exploit techniques, or even 0days, and the damages caused by advanced exploits are very limited.
The user can still open root consoles, launch security tools with privileged permissions and use the system without limits. The only thing that changes is that all the critical user applications are now protected from very bad behaviors and common exploit techniques, and the damages caused by advanced exploits are very limited.
Additional and more aggressive sandboxing can be achieved with [Firejail](https://docs.parrotsec.org/info/firejail/)
---
......@@ -137,11 +128,12 @@ The no-automount behavior is consistent and stable, but no protection is provide
* Security Experts
* Digital forensics experts
* Engineering and IT Students
* Computer Science/Engineering Students
* Researchers
* Journalists & Hacktivists
* Wannabe Hackers
* Police officers and special security institutions
* Software developers
* Journalists, Hacktivists and Whistleblowers
* Police officers and security agencies
&nbsp;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment