uninstalled packages are automatically removed from the menu via a parrot-menu hook
1 Like
the video is from 2012, and all it can do, hydra and ncrack can too, hexorbase is mostly a GUI that can crack some services, and not fast. i don’t recommend any tools from savio-code, they are old, deprecated(ghost-phisher,hexorbase) and one is not free (fern-wifi-cracker).
thanks palinuro, that’s 250MB less on the system with theses 3 tools removed
It can do query and display table. It is not the best but it has features. fern-wifi-cracker in Parrot is community version and it is free. ghost-phisher, hexorbase, fern-wifi-cracker must be tested carefully to prove themselves.
Fern need tp be remove
1 Like
Suggest removing hash-indentifier. We are having hash-identifier and hashid, hashid shows better result, hash-identifier shows wrong result. Must test more
Yeah hashid was written to replace hash-identifier in the first place.
1 Like
hash-identifier hash poor regex and it detects wrong hash format. Gonna add it to the list soon
parrot-meta-* packages are listing all tools. I am going to test, list all useless / unusable tools and create manual for other tools. Hopefully we can create a handbook for Parrot Sec
Good luck.
sandi & sandi-gui should be remove
They are being in the list already
I’ve updated the list using markdown syntax. Here is example:
|sqlninja| SQL injection attack tool | Out of date, Unmaintained, has better tool| sqlmap |
https://nest.parrotsec.org/dmknght/parrotsec-tool-list-suggestion/blob/master/README.md
3 Likes
Need following packages preinstalled in parrot repo as well as in distro :
All the below mentioned packages are Opensource and used by millions of users/pentesters around the world.
==========================================
Kickthemout [Boots off unintended users from the WiFi]
Package : https://github.com/k4m4/kickthemout
==========================================
Knockpy - Subdomain enum using wordlists
Package : https://github.com/guelfoweb/knock
==========================================
Scrapy - Web crawling framework that allows you to create your own web crawlers
Package : https://github.com/scrapy/scrapy
==========================================
Cyberchef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
Package : https://github.com/gchq/cyberchef
==========================================
Striker - Striker is an offensive information and vulnerability scanner. Mainly DNS
Package : https://github.com/s0md3v/Striker
==========================================
SocialFish - Simple Phishing Framework With ngrok tunnel integration.
Package : https://github.com/UndeadSec/SocialFish/
==========================================
Scapy - A powerful Python-based interactive packet manipulation program and library.
Package : https://github.com/secdev/scapy
==========================================
Gidhra - A Powerfull Nextgen Reverse Engineering Tool Provided By NSA [National Security Agency] Of United States Of America, Completely Opensource.
Package : https://github.com/NationalSecurityAgency/ghidra
===========================================
Brave Browser - An OpenSource, Privacy Focused Browser Based On Chromium
Package : https://github.com/brave/brave-browser
===========================================
Fluxion - Advance WiFi Hacking - Made Simple.
Package - https://github.com/wi-fi-analyzer/fluxion
===========================================
These are essentials tools for most pentesters which unfortunately arent preinstalled in ParrotSec, A Pentesting OS. Would love to see them preinstalled in future releases 
Cheers!
2 Likes
Thanks for your list. We will choose good tools and maintain them on our repository. We are planing a new tool list and there are new guys (include me) are being trained to do this task. It will take time, but i promise you won’t be disapointed 
I’ll make sure i keep updating in this thread with new and better tools i find usefull for a pentester
Cheers!
1 Like
- python3-kivy
- Google web designer (not important)
I’ve seen this tools (Thanks for ExploitwareLabs for sharing)
https://github.com/pownjs/pown-cdb
Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line and actively monitor and intercept HTTP requests and responses.
It uses Terminal UI. Very pretty.
Hi everyone! I’ve added owasp-zsc, a shellcode generator, owasp-vbscan, cmseek. I also upgraded the code of parsero from version 0.81 (kali is having 0.7x version). I am working with gef (plugins for gdb) and koadic, a C&C tool with HTA attack vector (and some more). I’ve tested koadic and it was really really great: bypassed McAfee Endpoint, Windows Defender. I’ll take a look at Jessica’s tool suggestion. Completed tool is on our gitlab server already and I really hope they can come out in our next release.
I am also working with parrot-menu to improve menu look and feel.
Hey! I built a fork of this tool:
[Tool Request] Name That Hash - Development / Tools & Packages - Parrot Community (parrotsec.org)
HashID was last updated in 2015, this fork improves all aspects of the tool and is approved by one of their core contributors (who is now working with us on improving this!)
Thank you for your suggestion but unfortunately we can’t do any pentest tool thing for now. We are doing it, yes, but we have to solve maintaining problems before doing it.
We are also working on whole new pentest tool list with new categories
1 Like