eBay

This listing is for either a DVD or USB flash drive that have Kali Linux and Parrot Security to try, but since they both boot as live systems, a DVD is going to be noticeably slower than a USB flash drive.

What is ParrotOS?

Parrot Security (ParrotOS, Parrot) is a Free and Open source GNU/Linux distribution based on Debian Stable designed for security experts, developers and privacy aware people.

It includes a full portable arsenal for IT security and digital forensics operations. It also includes everything you need to develop your own programs or protect your privacy while surfing the net.

Parrot is available in three main editions, Security, Home and Architect Edition, even as Virtual Machine (Virtual Box, Parallels and VMware), on Raspberry Pi and also on Docker.

From version 5.0 LTS, support for ARM platforms (arm64 and armhf) is back, and some images are also available for boards like Raspberry Pi.

The operating system ships by default with MATE Desktop Environment, but it is possible to install others DEs.

ParrotOS Desktop

Parrot Security 5.0 with MATE Desktop

History and Team

The first public release appeared on April 10th, 2013 as the result of the work of Lorenzo Faletra who continues to lead development.

Originally developed as part of Frozenbox (a community forum by the same creator of Parrot), the effort has grown to include a community of open source developers, professional security experts, advocates of digital rights, and Linux enthusiasts from all around the globe.

The project is headquartered in Palermo, Italy and governed by Parrot Security CIC, a community interest company registered in the UK.

Why "Parrot"?

Because it was born as a game, and every pirate of the seven seas needs a parrot on his shoulders if he wants to board the galleons with his crew of jailbird filibusters.

Who is it designed for

The system is designed to be familiar for the security expert and easy to use for the new entry student, but it does not try to hide its internals as other general purpose distributions try to do.

Parrot can be used as a daily system. It provides all the programs for the day to day tasks, including a dedicated edition of the system (Parrot Home Edition) that doesn't include security tools.

Software Management

The system has its own applications repository including all the packages supported by Debian, plus many other applications and tools Debian can't provide yet. All of them are accessible directly from the APT package manager.

Additionally, Parrot supports Snap, a package distribution system that provides easy access to many other programs that GNU/Linux distributions don't always ship in their software archives.

Flatpak is a universal software store similar to Snap. It can be installed from the Parrot official repository.

Also Parrot supports Wine, a compatibility layer to run Windows applications in GNU/Linux environments.

Should I use Parrot?

Why Parrot is different

Even if we would like everyone to use the Parrot System or, at least, give it a try, there are some important considerations to make about who we expect to use Parrot and who may have a bad experience from it.

First of all, even if Parrot provides general purpose flavors, its core is still tuned for Security and Forensics operations. In this section we will explain how different Parrot is compared to other general purpose distributions and how different it is from other Pentest and Forensics distributions. Then we will present some categories of people and what kind of experience they may have by using this system.

General purpose distributions

Parrot is different from a general purpose distribution (i.e. Ubuntu) because it does not try in any way to hide its internals.

Meaning that many automation tools are included in the system to make it easier to use, yet expose quite well what the system has under the hood.

A good example is the parrot update reminder: it is a simple yet powerful program that prompts the user to check for system upgrades once a week. but instead of hiding the upgrade process behind a progress bar, it shows the user the full upgrade process from the apt output.

Another important difference is that Parrot disables by default all the network services pre-installed in the system, not only to maintain a very low RAM footprint and offer better performance, but also to avoid services exposure in a target network. Every network service needs to be manually started when the user needs it.

Pentest distributions

Pentest distributions are famous for integrating only security tools, allowing easy root access and taking down all the security system barriers that may influence the workflow of a pentester.

Parrot was designed to be a very comfortable environment for security experts and researchers. It includes many basic programs for daily use which pentesting distributions usually exclude (at the cost of less than an additional gigabyte of storage). This choice was taken to make Parrot not only a good system to perform security tests, but also a good environment where you can write reports, build your own tools, and communicate seamlessly with teammates, without the need for additional computers, operating systems or configuration.

Our goal is to allow any professional pentester to make a whole security test from the beginning, to the report with just a Parrot ISO and an average laptop.

Secure distributions

Parrot Security ships with custom hardening profiles and configurations for AppArmor and other linux hardening technologies, and takes inspiration from the success of other projects that deliver the highest level of security in the GNU/Linux scenario, like Tails and Whonix to sandbox the system and deliver a layer of security above the average.

All this additional security comes with a cost: it is harder to adopt bad behaviors on Parrot. For instance it is not possible to log in as root with the whole desktop environment, or to start critical applications like browsers, media players or advanced document readers with unnecessary privileged permissions.

The user can still open root consoles, launch security tools with privileged permissions and use the system without limits. The only thing that changes is that all the critical user applications are now protected from very bad behaviors and common exploit techniques, or even zero-days, and the damages caused by advanced exploits are very limited.

Forensics distributions

Digital forensics experts need an environment that does not compromise their evidence.

Parrot comes with automount functions disabled by default, to allow forensics acquisitions to be performed in a safe way. The global automount policy is configured in a redundant way in all the layers of the system stack, from the noautomount kernel option passed by default at boot, to the specific file manager settings to disable auto mount and plug & play features.

Don't forget that the disks are still recognized by the system, and the system will mount them without protections if the user accidentally open them.

The no-automount behavior is consistent and stable, but no protection is provided in case of accidental mounts. A write blocker is always recommended in any digital forensics scenario.

In summary, Parrot is made for:

Security Experts

Digital forensics experts

Computer Science/Engineering Students

Researchers

Wannabe Hackers

Software developers

Kali is the most popular open-source Linux distribution created specifically for penetration testing, ethical hacking, and security audits. The ever-expanding repository currently has hundreds of top tier tools organized in numerous menu categories such as: Information Gathering, Vulnerability Analysis, Web Application Analysis, Database Assessment, Password Attacks, Wireless Attacks, Reverse Engineering, Exploitation Tools, Sniffing & Spoofing, Forensics, Social Engineering Tools, etc.

This Kali USB drive allows a network or security professional to boot directly to the USB and run the tools without having to change or modify their existing PC's hard drive. Once you are done, you can simply reboot the computer back to normal. The USB will also allow you to install Kali on your computer if you choose to. Installing on your computer should be done by experienced professionals only as a mistake could erase all of the data on your computer.

Many security professionals and white-hat hackers agree that Kali is the premiere platform to run network diagnostics, security audits, and perform penetration testing to find and fix network facing vulnerabilities. Virtually no other toolset provides as many features and as much flexibility as Kali.

Why use this Kali USB?

All inclusive - Includes hundreds of tools ready to use.
Portable - Take the drive with you and use it on the go.
Up-to-date - This is the latest version available.
Safety - Booting to this live USB removes the risk to your data.
Tested - Each and every USB shipped is individually tested to ensure functionality

Kali Linux Features

What is Kali Linux, and what is a Penetration Testing Distribution?

What is a penetration testing distribution? As legend tells it, years ago there was a penetration test in an isolated environment where the assessment team was not able to bring in any computers or have network access in or out of the target environment. In order to do the work, the first penetration testing distribution was born. It was a bootable Live CD configured with various tools needed to do the work, and after the assessment was completed the Live CD was shared online and became very popular.

Kali Linux has a direct lineage from this original distribution, running on through BackTrack Linux, and now is Kali Linux.

What are the makings of a great penetration testing distribution? What a penetration testing distribution is judged on has changed over the years. Originally it was just how many tools did it hold. Then it was did it have package management, and how often were they updated? As we have matured, so has the features that we need to provide. The true indication of a great Penetration Testing distribution is the selection of useful and relevant features that it offers security professionals. What kind of features are we talking about? We’re happy you asked! We’ve made a short list of some of these Kali Linux features, and linked them to their respective sources.

Special Kali Linux Features of Note

Full customisation of Kali ISOs. With the use of metapackages optimized for specific need sets of a security professional and a highly accessible ISO customization process a optimized version of Kali for your specific needs is always easy to generate.

Kali Linux is heavily integrated with live-build, allowing endless flexibility in customizing and tailoring every aspect of your Kali Linux ISO images. This can be shown with our basic example build recipes, to our Kali ISO of doom recipe, which shows the types and complexity of customizations possible - build a self installing, reverse VPN auto-connecting, network bridging Kali image - for the perfect hardware backdoor.

Live USB Boot. This allows you to place Kali onto a USB device, and boot without touching the host operating system (perfect also for any forensics work!). With optional persistence volume(s) you can have opt to pick what file system to use when Kali starts up allowing for files to be saved in between sessions, creating multiple profiles. Each persistence volume can be encrypted essential feature needed in our industry.

If that is not enough, we also have LUKS nuke option, allowing you to quickly control the destruction of data.

Kali Undercover. Using Kali in an environment you don’t want to draw attention to yourself? Kali Undercover is perfect to not stand out in a crowd by blending to a familiar operating system that most people recognize to stop shoulder surfers.

Win-KeX. Using Kali on WSL? This provides a Kali Desktop Experience for Windows Subsystem for Linux (WSL), with seamless windows, clipboard sharing, audio support and more.

Kali NetHunter. Kali on your (Android) phone and smart watch. This covers multiple items, such as a ROM overlay for multiple devices, NetHunter App, as well as NetHunter App Store. On top of this, you also boot into a “full desktop” using chroot & containers, as well as “Kali NetHunter Desktop Experience (KeX)”.

Kali Everywhere. A version of Kali is always close to you no matter where you need it. Let it be; ARM (SBC) (including Raspberry Pis), Bare-Metal (single and multi-boot), Cloud (AWS, Azure, Digital Ocean & Linode), Containers (Docker, Podman & LXD), Virtual Machines (VMware, VirtualBox, Hyper-V, Parallels, Proxmox & Vagrant), DVD/USB, WSL, and so on - is all available.

We also make all our build-scripts for all our platforms public so you can generate the images yourself too!

Kali Unkaputtbar. Using Btrfs file system, you can take snapshots of Kali just like you were using a VM, and roll back to a previous state.

Kali ARM. Supporting over a dozen different ARM devices and common hardware such as Raspberry Pi, Pinebooks, USB Armory, Gateworks, ODROID, BeagleBone, and more. We offer pre-generated images, ready to be used as well as build-scripts to produce more. We’re very active in the ARM arena and constantly add new interesting hardware to our repertoire.

The Industry Standard. Kali Linux is the undisputed industry standard Open-source penetration testing platform.