![]() Parrot IIRC has two versions, a privacy based desktop version and a hacking version which is similar to the desktop version but with an additional repo of tools and some tools already installed on the system. There are file carvers and other tools in Kali that are used for DigitalForensics/IncidentResponse, but there are superior more focused DFIR distros like SIFT, Paladin and REMnux. I can only see Kali being installed to a box if someone chooses to use it as a Digital forensics dead box. It works well without persistence because you always have a clean environment to work with. Despite it being an OS, in my head I think of it like a tool repo with an OS terminal that lets you run commands and conduct pentests. Kali is not meant to be used as a daily driver in any form. It is also ported to single board computers very often that people can SSH or VNC into through a mobile device, and then there's also the mobile ROM they maintain called Nethunter. It has everything needed for quick deployment and takes extra hardening mechanisms. Glad to know i'm not the only one who noticed this happening.Ĭorrect me if I am wrong, but Kali is meant for in field testing. I also like scripting and want to get into tool development so maybe that's why I get Irked by users like this. I'm old fashioned and learned by installing tools to Ubuntu/mint. I don't even see people playing around with options or even using some tools' scripting engines anymore in the tutorials i've seen teaching people how to hack. Kali made hacking very copy-pasty and rinse/repeat. Like i'd be impressed if someone trained that way can actually explain the dangers of a high or critical vulnerability scan output and tell me how that is exploitable, rather than just know "oh I can exploit this, better just pass this to armitage or metasploit". It's because there's a shortage of cyber security guys (apparently) and they need bodies to quickly secure these information systems that all these companies took for granted. Not only has the script kiddie attitude muddled the rep of these tools, but many training courses have users blindly use the tools in Kali for pentesting but they don't really learn about Linux or even the target systems that much. Kali and Parrot are good if you're working in the industry as a professional and there needs to be some level of standardization so your actual penetration test's findings have some actual weight behind it. On top of that, I was installing to old computers and *physically networking them.* Now you can just run these distros in VMware or something. I didn't learn hacking with Kali or Parrot, I started with Ubuntu and Mint and learned to install and run the tools myself. If you use Ubuntu MATE, which is identical to Ubuntu but with a superior desktop compared to regular Ubuntu (personal preference again) it will look very similar to parrot OS. My favorite desktop environment is XFCE, which is super slim and fast, and I think it's the current desktop used in Kali now last I checked. Mint is Ubuntu based but it's not super bloated with Gnome or Unity to hog computer resources. This means most of the tools and their dependencies that usually are bundled in these distros can be easily installed to mint without repacking them or modifying them (if you do, its a learning experience!). It also used aptitude (apt) which is the package manager in many hacker distributions and DFIR distributions. The stuff you need like email, internet, chat will work out of the box. You can start to play around in the terminal and look at its file directory and learn. It looks like classic windows so you won't be really disoriented. If you're super noobie and have no linux experience, i'd say start with Mint. We teach you how to do it, use it at your own risk. - See upcoming events and writeups from past CTFs.- Privilege escalation over SSH, web exploitation.- Learn-as-you-go web exploitation game made by a redditor.- Interactive privilege escalation with browser-based bash shells (and much more).
0 Comments
Leave a Reply. |