Sorry for lately reply but i am creating this file on nest
i’ve created it here but i don’t know how to display it. I am trying to change it with git format. https://nest.parrotsec.org/dmknght/parrotsec-tool-list-suggestion/
. Anyway please don’t forget remove removed-tools in menu
https://www.youtube.com/watch?v=n8qcoqA2ENA
here is a video about hexobase. It has some good feature so i think it is better to leave it there. P/s: no mssql supported. Sad!
uninstalled packages are automatically removed from the menu via a parrot-menu hook
the video is from 2012, and all it can do, hydra and ncrack can too, hexorbase is mostly a GUI that can crack some services, and not fast. i don’t recommend any tools from savio-code, they are old, deprecated(ghost-phisher,hexorbase) and one is not free (fern-wifi-cracker).
thanks palinuro, that’s 250MB less on the system with theses 3 tools removed
It can do query and display table. It is not the best but it has features. fern-wifi-cracker in Parrot is community version and it is free. ghost-phisher, hexorbase, fern-wifi-cracker must be tested carefully to prove themselves.
Fern need tp be remove
Suggest removing hash-indentifier. We are having hash-identifier and hashid, hashid shows better result, hash-identifier shows wrong result. Must test more
Yeah hashid
was written to replace hash-identifier
in the first place.
hash-identifier
hash poor regex and it detects wrong hash format. Gonna add it to the list soon
parrot-meta-*
packages are listing all tools. I am going to test, list all useless / unusable tools and create manual for other tools. Hopefully we can create a handbook for Parrot Sec
Good luck.
sandi & sandi-gui should be remove
They are being in the list already
I’ve updated the list using markdown syntax. Here is example:
|sqlninja| SQL injection attack tool | Out of date, Unmaintained, has better tool| sqlmap |
https://nest.parrotsec.org/dmknght/parrotsec-tool-list-suggestion/blob/master/README.md
Need following packages preinstalled in parrot repo as well as in distro :
All the below mentioned packages are Opensource and used by millions of users/pentesters around the world.
==========================================
Kickthemout [Boots off unintended users from the WiFi]
Package : https://github.com/k4m4/kickthemout
==========================================
Knockpy - Subdomain enum using wordlists
Package : https://github.com/guelfoweb/knock
==========================================
Scrapy - Web crawling framework that allows you to create your own web crawlers
Package : https://github.com/scrapy/scrapy
==========================================
Cyberchef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
Package : https://github.com/gchq/cyberchef
==========================================
Striker - Striker is an offensive information and vulnerability scanner. Mainly DNS
Package : https://github.com/s0md3v/Striker
==========================================
SocialFish - Simple Phishing Framework With ngrok tunnel integration.
Package : https://github.com/UndeadSec/SocialFish/
==========================================
Scapy - A powerful Python-based interactive packet manipulation program and library.
Package : https://github.com/secdev/scapy
==========================================
Gidhra - A Powerfull Nextgen Reverse Engineering Tool Provided By NSA [National Security Agency] Of United States Of America, Completely Opensource.
Package : https://github.com/NationalSecurityAgency/ghidra
===========================================
Brave Browser - An OpenSource, Privacy Focused Browser Based On Chromium
Package : https://github.com/brave/brave-browser
===========================================
Fluxion - Advance WiFi Hacking - Made Simple.
Package - https://github.com/wi-fi-analyzer/fluxion
===========================================
These are essentials tools for most pentesters which unfortunately arent preinstalled in ParrotSec, A Pentesting OS. Would love to see them preinstalled in future releases
Cheers!
Thanks for your list. We will choose good tools and maintain them on our repository. We are planing a new tool list and there are new guys (include me) are being trained to do this task. It will take time, but i promise you won’t be disapointed
I’ll make sure i keep updating in this thread with new and better tools i find usefull for a pentester
Cheers!
- python3-kivy
- Google web designer (not important)
I’ve seen this tools (Thanks for ExploitwareLabs for sharing)
https://github.com/pownjs/pown-cdb
Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line and actively monitor and intercept HTTP requests and responses.
It uses Terminal UI. Very pretty.