Commit c8af11df authored by Dario's avatar Dario
Browse files

Renamed 01, merged 02-03, updated new 02, added Parrot on docker (not indexed)

parent 8afa7df5
......@@ -3,13 +3,13 @@
Parrot OS is a GNU/Linux distribution based on Debian and focused on Penetration Testing, Digital Forensics, Programming and Privacy protection.
Got a Home version? Yes! There is a Home version too. All the Parrot OS Security power for your daily use.
It is available in the Security and Home Editions, even as VM and also on Docker
\
![ParrotOS Desktop](./images/parrot_desktop.png)
<h5 align="center">Parrot Security 4.11</h5>
<h5 align="center">Parrot Security 4.11 MATE Edition</h5>
### History and Team ###
......
# Which version to choose? #
# Download Parrot OS #
Parrot OS is available for download [here](https://parrotlinux.org/download/).
## Which version to choose? ##
Parrot comes in a lot of shapes and sizes in order to fit in all the possible hardware and users needs.
Depending on what hardware configuration and scope you have, consider these options:
## Parrot 4.x Security Edition (x86_64) ##
### Parrot 4.11.2 Security Edition ###
As the name suggests, this is the full edition.
After the installation you have a complete out of the box pentesting workstation loaded with a big variety of tools ready to use.
Highly reccomended for Desktops and Laptops with at least 4GB of RAM, in order to have a smooth experience while multitasking.
Highly reccomended for PC Desktops and Laptops with at least 4GB of RAM, in order to have a smooth experience while multitasking.
[Download](https://parrotsec.org/security-edition/)
## Parrot 4.x Home Edition (x86_64) : ##
| Desktop Enviroment | Size |
|--------------------|--------|
| MATE | 4.1 GB |
| KDE | 4.2 GB |
### Parrot 4.11.2 Home Edition ###
This version of Parrot is aimed for a lightweight installation which provides the essential tools to start working.
It relays on the same repositories as the Full Edition, letting you choose most of the programs you want to install later on.
Reccomended for those users who are familiar with Pentesting Distros and need to create a minimal one.
[Download](https://parrotsec.org/home-edition/)
## Parrot 4.x Home & Security OVA ##
Purposed for a quick VM setup, this version is intended to work on your favorite virtualization software. It has the same features from the Desktop Home Edition.
| Desktop Enviroment | Size |
|--------------------|--------|
| MATE | 1.9 GB |
| KDE | 2.0 GB |
| XFCE | 1.8 GB |
[Download](https://download.parrot.sh/parrot/iso/4.11.1/Parrot-home-4.11.1_virtual.ova.mirrorlist)
## Parrot 4.x Cloud Edition (x86 and x86_64) : ##
Forget all you know about pentesting circumstances, carrying a laptop everywhere you go to accomplish your job is not mandatory anymore.
You can now have a remote VPS loaded with ParrotOS ready to perform all sort of tasks from an embedded terminal, with discretion.
This edition does not provide a GUI out of the box, but it's available in the repositories if needed.
There are two options:
Download the iso and installing it on your own machine;
### Parrot 4.11.2 Home & Security OVA ###
Purposed for a quick VM setup, this version is intended to work on your favorite virtualization software.
[Download](https://download.parrot.sh/parrot/iso/4.11.1/Parrot-home-4.11.2_virtual.ova.mirrorlist)
[Download](https://parrotsec.org/virtual/)
| Edition | Size |
|----------|--------|
| Security | 5.5 GB |
| Home | 2.8 GB |
## Security or Home edition, which one should i choose? ##
### Security or Home edition, which one should I choose? ###
*Parrot Home Edition and Parrot Security Edition are identical, and the only difference between them is the set of software that comes pre-installed*.
Parrot OS Home Edition comes with no security tools, while Parrot OS Security Edition comes with all the hacking and pentest tools pre-installed.
You can install Parrot Home Edition and install only the hacking tools you actually need, or you can install all of them at once with `sudo apt install parrot-tools-full`
\ No newline at end of file
You can install Parrot Home Edition and install only the hacking tools you actually need, or you can install all of them at once with `sudo apt install parrot-tools-full`
### Parrot 4.11.2 on Docker ###
Forget all you know about pentesting circumstances, carrying a laptop everywhere you go to accomplish your job is not mandatory anymore.
You can now have a remote VPS loaded with Parrot OS ready to perform all sort of tasks from an embedded terminal, with discretion.
This edition does not provide a GUI out of the box, but it's available in the repositories if needed.
[Check it out now](https://nest.parrotsec.org/build/docker-images/-/blob/master/README.md/)
\ No newline at end of file
## Download Parrot Security OS ##
Parrot is available for download [here](https://parrotlinux.org/download/).
<!-- Please do choose the closest mirror to your physical location in order to experience the maximum download speed.
-->
\ No newline at end of file
# How to install Parrot Security #
### choose Install ###
From VirtualBox Main Screen, it will boot Parrot Security, click in the Virtual Machine, select *Install* and then click Enter.
<img src="./images/calamares/10.png" width="85%"/>
### Choose the default Installer (Calamares) ###
Here you can test the OS in its entirety, then you can proceed with the installation.
\
Click on **Install Parrot**:
<img src="./images/calamares/11.png" width="85%"/>
and the default installer, Calamares, will start.
### Select location ###
In my case I’ve chosen English. Click on *Next*.
<img src="./images/calamares/12.png" width="85%"/>
### Select language ###
In my case I’ve chosen United States. Click on *Next*.
<img src="./images/calamares/13.png" width="85%"/>
### Select keyboard layout ###
I’ve selected American English. Click on *Next*.
<img src="./images/calamares/14.png" width="85%"/>
### Parrot Security disk partitioning ###
As this is all Virtualized, you can choose anything you want to.
\
I personally think guided partitioning for less experienced users is recommended, 40 GB or more are enough, unless your going to want to install alot more programs or keep larger file on your hard drive.
<img src="./images/calamares/15.png" width="85%"/>
Here you can decide whether to enable swap or not. For more information about swap, \
[https://wiki.debian.org/Swap](https://wiki.debian.org/Swap) \
[https://www.kernel.org/doc/html/latest/power/swsusp.html](https://www.kernel.org/doc/html/latest/power/swsusp.html)
<img src="./images/calamares/16.png" width="85%"/>
*If you want*, you can also encrypt the system by adding a passphrase:
<img src="./images/calamares/17.png" width="85%"/>
### Creating a new user account ###
You will be asked to create a new user, for simplicity I have chosen a **user**.
You can enter any name in here.
<img src="./images/calamares/18.png" width="85%"/>
Then, click on *Next*
### Completing the installation process ###
Finally, a summary of the choices made during the procedure:
<img src="./images/calamares/19.png" width="85%"/>
You can decide whether to change the chosen settings, and then go back, or proceed with the installation of the system. Click on **Install**.
Confirm by clicking **Install now**
<img src="./images/calamares/20.png" width="85%"/>
And wait for the installation to complete!
\
With an SSD (Sata), it takes a few minutes.
<img src="./images/calamares/21.png" width="85%"/>
**Well done! You have successfully installed ParrotOS on your computer!**
<img src="./images/calamares/22.png" width="85%"/>
### Login to Parrot Security for the first time ###
Enter your Password:
<img src="./images/calamares/23.png" width="85%"/>
**You just installed Parrot Security! Congrats!**
<img src="./images/calamares/24.png" width="85%"/>
# Docker images for Parrot OS
Docker is a powerful technology that allows users to run containers universally on any host platform.
Docker uses template images, and allows the user to start several instances of the same template, destroy them, or build new custom templates on top of them.
Parrot uses docker to allow its users to use its vast arsenal of tools on any platform supported by docker.
[Parrot Core](#parrotseccore)
[Parrot Security](#parrotsecsecurity)
[Nmap](#parrotsectools-nmap)
[Metasploit](#parrotsectools-metasploit)
[Social Engineering Toolkit](#parrotsectools-set)
[Beef-XSS](#parrotsectools-beef)
[Bettercap](#parrotsectoos-bettercap)
[SQLMap](#parrotsectools-sqlmap)
[Builder Container](#parrotsecbuild)
[skip to usage examples](#general-usage-instructions-and-examples)
# Available Templates
Whether you want to have a container full of tools, or several smaller containers with a tiny selection of tools, or even a clean Parrot environment to build yor custom stack on, this is the right place where to learn how to take advantage of the Parrot Docker workspace.
## parrotsec/core
Core system with just the Parrot basics.
You can use it as a start point to create your custom containers.
available flavors:
**parrotsec/core:latest** based on parrot rolling (debian testing) amd64
**parrotsec/core:rolling-amd64** based on parrot rolling (debian testing) amd64
**parrotsec/core:rolling-i386** based on parrot rolling (debian testing) i386
**parrotsec/core:lts-amd64** based on parrot lts (devuan stable) amd64
**parrotsec/core:lts-i386** based on parrot lts (devuan stable) i386
**parrotsec/core:lts-arm64** based on parrot lts (devuan stable) arm64
**parrotsec/core:lts-armhf** based on parrot lts (devuan stable) armhf
launch the container:
`docker run --rm -ti --network host -v $PWD/work:/work parrotsec/core:lts-amd64`
## parrotsec/security
This container includes a huge collection of tools that can be used via command line from inside a docker container.
Some tools with graphical interface were excluded for obvious reasons.
This container ships with the following metapackages:
* parrot-pico
* parrot-mini
* parrot-tools-cloud
available flavors:
**parrotsec/security:latest** built over parrotsec/core:rolling-amd64
**parrotsec/security:rolling** built over parrotsec/core:rolling-amd64
**parrotsec/security:lts** built over parrotsec/core:lts-amd64
Launch the container:
`docker run --rm -ti --network host -v $PWD/work:/work parrotsec/security`
## parrotsec/tools-*
This is a curated selection of smaller docker containers that contain only specific tools, alone or in cherry-picked collections.
Containers with shared tools are stacked on top of each other (when possible) to minimize storage waste and maximize layers reuse.
available templates:
### parrotsec/tools-nmap
based on parrotsec/core:rolling-amd64
provides the following packages:
* nmap
* ncat
* ndiff
* dnsutils
* netcat
* telnet
usage:
`docker run --rm -ti parrotsec/tools-nmap <nmap options>`
examples:
`docker run --rm -ti parrotsec/tools-nmap -F 192.168.1.1`
`docker run --rm -ti parrotsec/tools-nmap -Pn 89.36.210.176`
### parrotsec/tools-metasploit
based on parrotsec/tools-nmap:latest
provides the following packages:
* parrot-pico
* metasploit-framework
* postgresql
usage:
`docker run --rm -ti --network host -v $PWD/msf:/root/ parrotsec/tools-metasploit`
### parrotsec/tools-set
based on parrotsec/tools-metasploit:latest
provides the following packages:
* set
usage:
`docker run --rm -ti --network host -v $PWD/set:/root/.set parrotsec/tools-set`
### parrotsec/tools-beef
based on parrotsec/core:rolling-amd64
provides the following packages:
* beef-xss
usage:
`docker run --rm --network host -ti -v $PWD/beef:/var/lib/beef-xss parrotsec/tools-beef`
### parrotsec/tools-bettercap
based on parrotsec/core:rolling-amd64
provides the following packages:
* bettercap
usage:
`docker run --rm -ti parrotsec/tools-bettercap`
### parrotsec/tools-sqlmap
based on parrotsec/core:rolling-amd64
provides the following packages:
* sqlmap
usage:
`docker run --rm -ti parrotsec/tools-sqlmap <sqlmap options>`
example:
`docker run --rm -ti parrotsec/tools-sqlmap -u parrotsec.org --wizard`
## parrotsec/build
This container is used internally by the Parrot Build Platform to test and build the distro packages.
Even if it is not meant to be used directly by users, it contains all the tools to work on debian packaging and properly test package builds in clean and disposable environments.
This container ships with the following packages:
* git-buildpackage
* ubuntu-dev-tools
* devscripts
* debhelper
* dh-apparmor
* dh-autoreconf
* dh-buildinfo
* dh-cargo
* dh-consoledata
* dh-di
* dh-exec
* dh-golang
* dh-linktree
* dh-lisp
* dh-lua
* dh-make
* dh-make-golang
* dh-make-perl
* dh-metainit
* dh-perl6
* dh-php
* dh-python
* dh-runit
* dh-strip-nondeterminism
* dh-sysuser
* dh-vim-addon
* dh-virtualenv
* kernel-wedge
Available flavors:
**parrotsec/build:latest** based on parrotsec/core:rolling-amd64
**parrotsec/build:rolling-amd64** based on parrotsec/core:rolling-amd64
**parrotsec/build:rolling-i386** based on parrotsec/core:rolling-i386
**parrotsec/build:lts-amd64** based on parrotsec/core:lts-amd64
**parrotsec/build:lts-i386** based on parrotsec/core:lts-i386
**parrotsec/build:lts-arm64** based on parrotsec/core:lts-arm64
**parrotsec/build:lts-armhf** based on parrotsec/core:lts-armhf
Example usage:
```
git clone https://nest.parrot.sh/packages/tools/metasploit-framework
cd metasploit-framework
<make your modfications to the package here>
cd ..
docker run --rm -ti -v $PWD:/build/ parrotsec/build:rolling-amd64 - bash
cd /build/metasploit-framework
apt build-dep .
debuild -us -uc
exit
```
# General Usage Instructions and Examples
## Launch a container:
`docker run --name pcore-1 -ti parrotsec/core`
NOTE: the pcore-1 name is arbitrary and can be customized
## Stop the container:
`docker stop pcore-1`
## Resume a previously-stopped container:
`docker start pcore-1`
## Remove a container after use:
`docker rm pcore-1`
## List all the instantiated containers:
`docker ps -a`
## Start multiple containers:
on terminal 1 -> `docker run --name pentest1 -ti parrotsec/security`
on terminal 2 -> `docker run --name pentest2 -ti parrotsec/security`
on terminal 3 -> `docker run --name msf-listener -ti parrotsec/tools-metasploit`
## Remove all the containers:
`docker rm $(docker ps -qa)`
## Start a container and automatically remove it on exit:
`docker run --rm -ti parrotsec/core`
## Use Volumes to share files with the host:
It is a good practice to not keep persistent docker containers, but to remove them on every use and make sure to save important files on a docker volume.
The following command creates a **work** folder inside the current directory and mounts it in /work inside the container.
`docker run --rm -ti -v $PWD/work:/work parrotsec/core`
## Use Volumes to share files across multiple containers:
on terminal 1 -> `docker run --name pentest -ti -v $PWD/work:/work parrotsec/security` \
on terminal 2 -> `docker run --rm --network host -v $PWD/work:/work -ti parrotsec/security` \
on terminal 3 -> `docker run --rm -v $PWD/work:/work -ti parrotsec/tools-metasploit` \
## Open a port from the container to the host
Every docker container has its own network space connected to a virtual LAN.
All the traffic from within the docker container will be NATted by the host computer.
If you need to expose a port to other machines outside your local computer, use the following exaple:
`docker run --rm -p 8080:80 -ti parrotsec/core`
Note that the first port is the port that will be opened on your host, and the second one is the container port to bind to.
Here a reference usage of the -p flag:
**-p <host port>:<container port>** `-p 8080:80`
**-p <host port>:<container port>/<proto>** `-p 8080:80/tcp`
**-p <address>:<host port>:<container port>** `-p 192.168.1.30:8080:80` (in case of multiple adresses on host network)
## Use network host instead of docker NAT
Every docker container has its own network space connected to a virtual LAN.
All the traffic from within the docker container will be NATted by the host computer.
If you need to make the docker container share the same networking space of the host machine, then use the **--network host** flag as shown below
`docker run --rm --network host -ti parrotsec/core`
*NOTE 1*: every port opened in the container will be opened on the host as well.
*NOTE 2*: you can perform packet sniffing on the host network.
*NOTE 3*: iptables rules applied inside the container will take effect on the host as well.
# Summary
- [What is Parrot](<./01.- What is Parrot.md>)
- [Where to get](<./02.- Where to get.md>)
- [Which version to choose](<./03.- Which version to choose.md>)
- [Download Parrot](<./02.- Download Parrot.md>)
- [Install Parrot](<./03.- Installation.md>)
- [Parrot on Docker](<./Parrot on Docker.md>)
- [What is Live Mode](<./04.- What is Live Mode.md>)
- [How to create a Live boot device](<./05.- How to create a Live boot device.md>)
- [How to boot](<./06.- How to boot.md>)
......@@ -10,16 +11,18 @@
- [Parrot in a Virtual Machine]()
- [Install in a Virtual Machine](<./08.- Install in a Virtual Machine.md>)
- [Virtualbox Guest Additions](<./15.- Virtualbox Guest Additions.md>)
- [Installing VMware Workstation Pro on Parrot Security](<./10.- Installing VMware Workstation Pro on Parrot Security.md>)
- [Installing Parrot Security on Workstation Pro](<./11.- Installing Parrot Security on Workstation Pro.md>)
<!--
- [Dualboot with Windows](<./09.- Dualboot with Windows.md>)
- [Change MySQL - PostgreSQL Password](<./12.- Change MySQL - PostgreSQL Password.md>)
- [Supported WiFi devices](<./13.- Supported WiFi devices.md>)
-->
- [Using a Nvidia GPU on Parrot]()
- [Nvidia drivers](<./14.- Nvidia drivers.md>)
- [Nvidia driver install](<./16.- Nvidia driver install.md>)
<!--
- [Metasploit Framework](<./17.- Metasploit Framework.md>)
- [Anonsurf](<./18.- Anonsurf.md>)
-->
- [Compile a custom kernel](<./19.- Compile a custom kernel.md>)
- [Mirrors List](<./20.- Mirrors List.md>)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment