Parrot Security OS - a meme?

All the brainlets ITT thinking pentesting OSes are secure cause of that one article claiming "offense is the best defense". Yeah, I'm gonna hack the hackers before they get me. Just lol. Use a real privacy and security focused OS pls

You're the brainlet if you think thats what "offense is the best defense".
The idea behind that statement is you pentest your own computers/phones/network to find the vulnerabilities, so you can patch them. What the fuck do you think white hats do?
Jesus, neck yourself.

>You're the brainlet if you think thats what "offense is the best defense" means.
fucked it up

lol ye you fork everything in your system daily sure, kiddo your security must be lightyears ahead

if you want good security just use a rolling release OS

It depends on what caused the security hole. Sometimes it could be something misconfigured, that you completely overlooked untill you pentest your system. If you go on shodan, youll find that 95% of all security holes is just misconfigured shit.

Plus, some people just enjoy learning pentesting. Its fun.

I do use a rolling release distro.

This. A pentest live distro by it's very nature couldn't be hardened.

You're an idiot

And you're kind of fucking fuckwit who thinks they're clever installing what is meant to be a live pentest distro.

Glad we sorted that out.

I dont use live pentesting distros as my main os. But any hardening you can do on an installed system, you can do on a live system, and thats why you are an idiot.

What's this theme your pic has, OP? It's not the default, and I'm not seeing it in the immediately available list. For that matter, what are the widgets on the right side?

Bumping for response, please.

Im not sure what the theme is, but the widget is just a conky script with an imbeded lua script. shouldnt be too hard to reproduce.

I see. Google searching turns up some youtube videos that give links to the themes, except the links no longer work. So I'm not sure where to look.

Just learn the conky syntax and write your own. Its really easy, and it can display any information you want. The circles come from the lua language, so you need to learn that if you want circles, but other than that its really easy.
heres a list to all conky vars: conky.sourceforge.net/variables.html

>heres a list to all conky vars:
OK, that'll help when getting the actual information to display, but the graphical elements seen in OP's pic are the important piece here, both for the theme and the widget. That's really what I'm trying to find.

I think its better than Kali.

I have no idea about the theme used, but conky is really versatile and can be made to look however you want. Its completely independant from active themes.

This

Don't you have to first get the files containing the graphical elements for conky to use? Or can you create/design them with conky?

First install conky (its different for each operating system, so look it up)
Second, write a config file for it (use the new synatax. i.e
conky.config = {

}
conky.text = [[

AHA! Did some digging and found Parrot OS' Github pages. Turns out that conky configuration seen in OP's pic is stored as a Github repo! So, once I get conky installed, it should be a simple matter of getting the config file and related files from the repo and placing them in the appropriate locations, right?

yeah, it should be really easy. just run
conky --config

>A pentest live distro by it's very nature couldn't be hardened.
I don't think that means what you think it means

This.
There is absolutely no sense in installing a lots of pentesting bloat.

>if you want good security just use a rolling release OS
lol no. if you want security, use something like debian stable and configure it properly.

>rolling release OS
So you can get all the newest zero days into your system, lol

Alright, got conky installed, put the files from the repo in the appropriate places. When I started conky, the widgets came up, with some problems:
-overall height is too tall for the screen
-text overlaps circle boundaries in some places
-the circular meters aren't showing the curved bars
-it's not detecting the distro
Looks like I'll have to get into the Lua and the variables to get it right...
*rolls up sleeves*
Oh, pic related; still have to find the theme, it seems.
conky: llua_do_call: function conky_main_rings execution failed: attempt to call a nil value

Attached: parrot widget problems.png (1920x979, 2.19M)

Man, using conky in a VM is pretty different than on bare metal. Hmm, my host system can definitely sense the CPU temps, but VBox doesn't emulate it; how to pass it through, I wonder...

I think it's fucking great.

Very nice user interface and functionalites and has EVERYTHING you can think of out of the box.

Only downside is that every update (and you should update daily..) takes quite a while. But that's the price you're paying for having everything ready at your command.

All in all a funky and underrated distribution if you're into pentesting. (They also have a "non-pentesting" version without the tools for what it's worth..)

Looks like it's just not possible to expose the host's CPU temperature data to the guest. So I'll have to skip that. In the meantime, looks like the folks who make conky updated their syntax to follow Lua principles, but the conky script for the Parrot OS widgets was written before that changeover was made. So now I gotta go through and add ='s and {}'s to every single setting before I can get to the real problems. Lovely.

>But any hardening you can do on an installed system, you can do on a live system, and thats why you are an idiot.
I genuinely don't know what the fuck I'm talking about : The Post.

Taken a few minutes to think about it and I was wrong to reply with a 1 liner. You obv. think you know what you're doing but are so far from right I think it's fair to set you straight.

>install "daily driver" linux distro
>harden - disable ssh,squid etc., set basic iptables rules, install on different partitions (/boot, /var,/tmp etc.) - make relevant partitions noexec in fstab. Common sense stuff.

>boot live usb pentest distro
>needs ports open and root exec on fucking everything in order to be fucking effective
>you fuck around for days playing with init scripts and twiddling with casper images to build your own live distro that can't scan ports and has no exec privilege on anything as a pentest distro
>muh doesn't just werk...

But hey, who am I to tell you what to do? Can i suggest that since you seem a little naive in this that you follow some of the suggestions here - pluralsight.com/blog/it-ops/linux-hardening-secure-server-checklist
It's not mine and it's far from exhaustive but it's a gud start.

Attached: 26183627_169607410434204_7204588458268950528_n.jpg (1080x1350, 115K)

Actually it's just apt now