Above Parrot is a more comprehensive, versatile and usable distribution than many of its peers and it looks good too
Does the saturated pen-testing space need another distribution? Parrot Security thinks it does
RAM 385MB minimum,
2GB advised Storage 16GB for full installation
Specs 1 GHz processor
There’s no dearth of specialized distributions that hand over a gazillion tools to the ethical hacker looking to prod the robustness of their network.
Kali Linux has been the incumbent champion of this arena for quite some time now. While Kali has seen off challenges from quite a few projects over the years, the latest release of the Parrot Security OS poses a real threat to its dominance. For starters, Parrot Security has a much wider mandate than Kali Linux. In addition to the large number of pen-testing tools for performing security audits, the distro includes top-of-the line utilities to keep you anonymous and is also fully equipped to double up as a developmental environment.
Despite its seemingly endless list of tools, Parrot is intuitive and its customisations will help new users find their way to the right tool. The Debian-based distro uses a modified MATE desktop environment with a neat menu structure that categorizes the tools as per their use. So for example, the pen-testing tools are all within the Parrot menu which has submenus named Vulnerability Analysis, Post
For Parrot to dethrone Kali, the developers will need to flesh out the wiki with guides on using the bundled tools
Exploitation, Password Attacks, Digital Forensics and so on. Most of these menus have more topical submenus. For instance, the Wireless Testing menu has submenus for 802.11 wireless tools, Bluetooth tools, RFID and NFC tools, and more. The digital forensics section of the distro is the result of the project’s collaboration with the lead developer of the CAINE digital forensics project.
Parrot also ships with several cryptography and encryption tools to safeguard your data. It bundles a fully functional instance of Tor including both the Tor Browser and the TorChat IM client. If Tor isn’t your thing, you can also use the I2P anonymising network besides a whole host of other privacy tools including zuluCrypt for encrypting files and drives.
Also, unlike its peers that are designed to be run as a live medium, Parrot can be installed to disk and also features a number of everyday desktop apps including LibreOffice, Virtual Machine Manager and VLC. Talking about installation, the distro offers several methods. The standard installer is a curses- based one, but there’s also a graphical version. In addition to these, users can use Parrot from a USB disk, and the boot menu offers options to boot into these live environments with or without persistence.
The one area where Parrot lags behind the current favourite Kali is documentation and support. One underutilised strength of the project is its local communities. The project has a worldwide list of individual Parrot experts as part of its ambassadors program in addition to several localised forum boards that you can turn to for support. The documentation on Parrot’s wiki is currently geared towards helping users get the distro installed.
For Parrot to dethrone Kali, the developers will eventually need to flesh out the wiki with guides on using some of the bundled tools. That said, the lack of documentation doesn’t take away the fact that Parrot is a more comprehensive, versatile and usable distribution than any of its peers.
Parrot Security is just one of the distributions offered by the Parrot project. There’s Parrot Cloud designed for performing pentests using a remote or cloud deployment. There’s also Parrot Air that only contains tools for pentesting wireless communication devices. Besides these, there’s a Parrot image for the Raspberry Pi and a Lite edition for use as a general-purpose desktop sans all the pen-testing tools.
■ Mayank Sharma
Pros
In addition to its kitchen sink approach to pen-testing tools, the distribution includes tools for maintaining privacy.
Cons
Needs some more tool-specific documentation that should also make its way into the live and installed environment.
Summary
A comprehensive distro that’s fully stocked with tools that span three genres: penetration testing, privacy and development. The neatly arranged menus help you navigate to the right tool. Being a specialised distro, Parrot isn’t meant for everyone and is lacking in documentation.