Hi everyone! As we’ve known, Parrot Security edition is having tool list similar Kali Linux. It means, we are having thousands tools, but only < 200 useful tools, < 50 commonly used tools. So I create this topic to collect tool list and help Parrot Team clear the list. If you have any idea about “should be removed by default” or “should be pre-installed by default”, please join me.
P/S: All tools must be on Parrot APT Repository. And please add tool list following this format: Tool name; apt name (name on apt repository); uses, reason; description (optional)
Paros Proxy; paros; Web application testing proxy; out of dated, project replaced by Zap Proxy
sqlsus : (My)SQL injection tool; sqlsus; SQL injection (for MySQL), out of dated and no longer maintained; Repository has better tool (sqlmap)
sqlninja - a SQL Server injection & takeover tool; sqlninja; SQL injection on MSSQL; out of dated and no longer maintained; Repository has better tool (sqlmap)
Backdoor factory; backdoor-factory; Patch PE, ELF, Mach-O binaries with shellcode; No longer maintained
BDF Proxy; bdfproxy; Patch Binaries via MITM: BackdoorFactory + mitmProxy; No longer maintained; backdoor-factory is required, looks like there is no alternative tool on the repo
i will add more to the list to remove when i’m on parrotsec system, i don’t remember all of them.
To remove :
Skipfish; Web application security scanner; last updated 2012, better scanner already installed. owasp-mantra-ff; Web browser for pentesting; project abandonned and declared unsecure by its developers; remplaceable by new Firefox/Chromium vim-tiny; console text-editor; hardly usable, there is vim and neovim that are much better
To add :
Crackmapexec; Swiss army knife for pentesting networks; mainly used for owning network/active directory, strong use of impacket, powersploit, netripper… (last release 2016 because dev is merging it to python3, but is still developed) Terminator; developed; based on gnome-terminal, lot of features such as splitting pane, broadcasting typing in groups, tab and terminal renaming, activity/inactivity watcher… very lightweight
Thanks for your suggestion. But please notice that xerosploit is not on the repository. Maintaining 3rd party tools is another story and we are not talking about it here. I will add your suggestion in my collection. Framework for Man-In-The-Middle attacks; mitmf; Man-in-the-middle framework; No longer maintained; Requires backdoor-factory and bdfproxy
I’ve read its features and it has some good unique things. is there any tool (on the APT repository can replace it?) For example: Inject shellcode to binaries in the middle, capture telnet / irc / … data (As i tested, bettercap captures HTTP protocol data only)
Xerosploit has not been updated for 3 years, dunno if it’s still good, there is bettercap and ettercap on parrot
To remove :
ncat-w32; TCP/IP swiss army knife; outdated version of netcat, can be remplaced by ncat which is a reimplementation from nmap team of netcat webscarab; web application scanner; hasn’t been updated since 2014 sandi-gui; exploitdb wannabe framework; buggy/not working, abandonned ? websploit; MITM framework; abandonned hexorbase; database application vuln scanner; abandonned(7 years) ghost-phisher; Wireless and Ethernet auditing and attack; abandonned (4 years) fern-wifi-cracker; Wireless security auditing and attack; not free, buggy, remplaceable by wifite and airgeddon already pre-installed dirb; Web Content Scanner; abandonned(4 years) remplaceable by Wfuzz already pre-installed and much more powerful dirbuster; same as dirb just above, just a gui interface of it uniscan; Web Content Scanner; abandonned (4 years), again remplaceable by Wfuzz
there are much more outdated/not useful tools but they are CLI and so will take time to sort them, will do it later…
aww thanks! I forgot that webscarab because i always remove it LoL. Totally agree we should remove fern-wifi-cracker: this tool always shows wlan0 in select interface, even we enable other monitor interface. And clearly aircrack-ng is enough.
About dirbuster: it is a project by OWASP written in java. It has low performance, complex menu and super out of date. Zap proxy also has feature of this application.
About dirb, i am not sure because this is an easy-to-use tool. This tools can’t handle large wordlist file, and slow a little bit but it is very easy to use and readable report. We are having gobuster with similar feature, much more faster and handle big wordlist better; but this tool result is harder to read.
P/S: gobuster supports scan directory and dns name so it is good to keep this tool and remove other dns scan tools - This option must be tested carefully.
wapiti is still updated and maintained it is good if we have cli tool to scan web application layer instead of gui tool only
Download Wapiti
Current stable version: 3.0.1
Release date: 2018-05-11
Did pompem installed by default? It performs very good online search not only exploit-db but news as well. It deserve to replace old sandi-gui.
There are many cli tools out there, hopefully we can find and check them all!
thanks for correcting me about Wapiti, checked their mirror code but did not know about their official website. will edit myself.
about dirb, i think performance and new features are better than ease of reading (which might be improved later on since it’s still developed)
just checked now, pompem is installed by default on Parrotsec and thanks for that i never used it and it’s great ! it’s looking for blogs and all, not limiting itself to exploit-db
i really don’t think it would be necessary, VSCodium uses like 200MB of ram which is very low, and has ton of plugins to make it the jack of all trade IDE, it has been hand-picked by the Parrot Team and just like you previously said about Mate-Desktop, i don’t think they did it without thinking and testing.
VSCodium has a strong background with a lot of supporters/developers
There’s already an equivalent to Scite pre-installed on Parrot, it’s “Geany”
Yes i know that
But ok let you do
If you have
1GB RAM
DualCore
Run Vscodium with Screen recorder And try same with Scite (even open 1M passlist)
And that Geany is not Good
I’ve checked uniscan. It combines some tools to perform recon operations, then load some vuln scanning plugins. It doesn’t looks good. Need someone help me to test it and appraise
Here is my list after some small check. I will keep updating it https://drive.google.com/file/d/1YUeHvQnSr5BJLmAu5SRsgY-uOv5S4kk2/view @palinuro what do you think about tools in the list?
Golismero, Nikto, Wapiti and Openvas can do much better than uniscan don’t worry, i’ve tested uniscan some days ago, it fails to see a lot of vulns.
@Amzker, no offense, but if a user has 1GB of RAM he should use VIM for coding, or customize Parrot so that the packages are convenient for the computer(window manager). 1% of users will be content with Scite being the new text editor, while the 99% others users with 4GB+ of RAM won’t be able to use VSCodium anymore.
it is good if we have cli tool to scan web application layer instead of gui tool only
