Kali Linux is the obvious first choice for an operating system for most new hackers. It comes with a collection of curated tools organized in easy-to-navigate menus and a live boot option that's very entry-friendly. However, Kali is not the only distribution aimed at Pentester, and many exciting alternatives may suit your use case better. We've already covered BlackArch Linux, now it's time to talk about Parrot Security OS.
Parrot Security OS is a Debian-derived operating system for general use, pentesting and forensics. Originally released in 2013, Parrot has grown rapidly and currently offers many different variants for different use cases.
- Parrot Home which targets desktop users, removes the Penetration Test packages and presents a nicely configured Debian environment.
- Parrot Air focuses on wireless penetration testing.
- Parrot Studio was developed for multimedia creation.
- Parrot Cloud targets server applications and allows the user to access Parrot Security with all Penetration Testing tools minus the graphical frontend. It was developed for deployment on a VPS and acts as a jump box.
- Parrot IoT was developed for low-resource devices such as Pine64, OrangePi and Raspberry Pi3.
- Parrot Security The original Parrot operating system has been developed considering penetration testing, forensics, development and privacy. Parrot OS has some targeted use cases, but these do not affect the main distribution. Parrot Security OS is a solid desktop workstation for general use with numerous security tools that make us happy when we chop off!
Fans of Kali Linux will appreciate that Parrot is derived from Debian. Working with the operating system itself is familiar and there is no need to re-learn package management or distribution specifications.
Let's look at Parrot Security with the background out of the way. I have installed Parrot Security in a VirtualBox VM. Although Parrot Security works as a live ISO, I generally like to try things that are installed and stable.
Step 1: Download the Parrot Security Operating System
The first step is to purchase a copy of the Parrot Security ISO. You can find it on the Parrot Security Web site along with the hashes for the ISO. Once the download is complete, the hash must be verified. If the hashes do not match, you may have a modified copy or a corrupted ISO that you should not use.
The hashes for the current release of Parrot Security (4.6) are available on Parrot's website. To verify the hash in Windows, open a command prompt and execute certutil .
certutil -hashfile Parrot-security-4.6_amd64 SHA1
To verify the hash in macOS, open a terminal and run shasum .
To verify the hash under Linux, open a terminal and use sha1sum .
If your hash matches, you can go to the next step and boot the operating system. If the file name is different or a newer version, make sure that you swap it in the command used above.
Step 2: Creating a Virtual Machine
Before we can start the operating system, we need a machine to try it on. We could write the image to a thumb drive and then boot to a physical machine, but that's much more time-consuming than just creating a VM (virtual machine). Most modern computers are more than capable of running a Linux guest, which makes virtualization incredibly attractive. In addition, your machines are also disposable. If something goes wrong, you can burn and call the VM.
I'm using VirtualBox on Windows, which is free from the VirtualBox website, though these steps should work on all major platforms. You can see the process of using VirtualBox on macOS in our video above. When you start VirtualBox, the VirtualBox Manager is displayed.
An instance of Parrot Security is currently running. To start a new one, click on the "New" button in the upper left corner of the window.
Give the Machine a Name Then select "Linux" from the drop-down menu Type out. In the drop-down list select version "Debian (64-bit)". If you downloaded a 32-bit version, choose Debian (32-bit). For the memory size 2 GB should be sufficient. At most, I would use half or less of my computer's memory.
I have selected Create a Virtual Disk Now since installing Parrot Security. If you want to try it out with a live CD, select . Instead, do not add a virtual disk . When you are satisfied with your selection, click on "Create".
When you add a virtual disk, VirtualBox will prompt you to create the virtual disk. I have selected a dynamically assigned VDI with 30 GB. Select the size you want. A fixed-size hard drive is slightly faster than a dynamically allocated hard drive. However, a dynamically allocated disk uses only the required disk space. I prefer dynamically assigned. Click the "Create" button to continue.
You return to the VirtualBox Manager with your new computer included in the list.
Step 3: Start Parrot Security
Select the computer that you created to test Parrot Security, then in the VirtualBox Manager, click the Start button Parrot Security OS, a modern Pentesting distribution ” width=”532″ height=”532″ style=”max-width:532px;height:auto;”/>