Home

Welcome to Parrot Booty Protection Wiki

Enterprise-Grade Linux Security Hardening & Monitoring Platform

---

🎯 What is PBP?

┌─────────────────────────────────────────────────────────────┐
│  🏴‍☠️ Parrot Booty Protection                                │
│  ═══════════════════════════════════════════════════════════│
│                                                              │
│  Transform Linux hardening from ad-hoc scripts into a       │
│  cohesive, auditable defense system with:                   │
│                                                              │
│  ✓ 7 Security Modules      ✓ Automated Scanning            │
│  ✓ PDF/HTML Reports        ✓ TUI Dashboard                 │
│  ✓ Bug Hunt Mode           ✓ Rollback Capability           │
│  ✓ Risk Scoring            ✓ Production Ready              │
└─────────────────────────────────────────────────────────────┘

---

🚀 Quick Navigation

📖 Getting Started Installation Quick Start First Steps

🛡️ Security Modules Module Overview TIME • DNS NETWORK • CONTAINER

📊 Features Reporting System Bug Hunt Mode Risk Scoring

---

🏗️ System Architecture

graph TB
    subgraph "User Interface"
        CLI[pbp CLI]
        TUI[Dashboard]
        REPORTS[Reports]
    end
    
    subgraph "Core Engine"
        ENGINE[Orchestration Engine]
        STATE[State Management]
        REGISTRY[Module Registry]
        HEALTH[Health Checks]
        BACKUP[Backup/Rollback]
    end
    
    subgraph "Security Modules"
        TIME[⏰ TIME<br/>NTS Sync]
        DNS[🔒 DNS<br/>DoT]
        NETWORK[🛡️ NETWORK<br/>nftables]
        CONTAINER[📦 CONTAINER<br/>Podman]
        AUDIT[📋 AUDIT<br/>auditd]
        ROOTKIT[🔍 ROOTKIT<br/>Scanners]
        RECON[🌐 RECON<br/>nmap]
    end
    
    subgraph "Reporting"
        PARSER[Parsers]
        JSON[JSON Reports]
        HTML[HTML Reports]
        PDF[PDF Reports]
    end
    
    CLI --> ENGINE
    TUI --> ENGINE
    ENGINE --> STATE
    ENGINE --> REGISTRY
    ENGINE --> HEALTH
    ENGINE --> BACKUP
    
    REGISTRY --> TIME
    REGISTRY --> DNS
    REGISTRY --> NETWORK
    REGISTRY --> CONTAINER
    REGISTRY --> AUDIT
    REGISTRY --> ROOTKIT
    REGISTRY --> RECON
    
    TIME --> PARSER
    DNS --> PARSER
    NETWORK --> PARSER
    CONTAINER --> PARSER
    AUDIT --> PARSER
    ROOTKIT --> PARSER
    RECON --> PARSER
    
    PARSER --> JSON
    JSON --> HTML
    HTML --> PDF
    
    PDF --> REPORTS

Loading

---

🛡️ Security Modules

⏰ TIME NTS-Authenticated Time Sync ┌─────────────────────┐ │ chrony + NTS │ ├─────────────────────┤ │ ✓ Encrypted time │ │ ✓ Prevents attacks │ │ ✓ Cert validation │ └─────────────────────┘ Learn More →	🔒 DNS Encrypted DNS Queries ┌─────────────────────┐ │ systemd-resolved │ ├─────────────────────┤ │ ✓ DNS over TLS │ │ ✓ DNSSEC validation │ │ ✓ Leak prevention │ └─────────────────────┘ Learn More →
🛡️ NETWORK Stateful Firewall ┌─────────────────────┐ │ nftables │ ├─────────────────────┤ │ ✓ Default drop │ │ ✓ Stateful tracking │ │ ✓ Egress filtering │ └─────────────────────┘ Learn More →	📦 CONTAINER Rootless Security ┌─────────────────────┐ │ Podman + seccomp │ ├─────────────────────┤ │ ✓ Rootless runtime │ │ ✓ Capability drops │ │ ✓ Image validation │ └─────────────────────┘ Learn More →

View All Modules →

---

📊 Module Lifecycle

stateDiagram-v2
    [*] --> Uninstalled
    Uninstalled --> Installed: install
    Installed --> Enabled: enable
    Enabled --> Installed: disable
    Installed --> Uninstalled: uninstall
    Enabled --> Installed: rollback
    
    note right of Enabled
        ✓ Packages installed
        ✓ Configuration applied
        ✓ Services running
        ✓ Health verified
    end note

Loading

---

📈 Risk Scoring System

┌─────────────────────────────────────────────────────────┐
│  Risk Score Calculation                                 │
├─────────────────────────────────────────────────────────┤
│                                                          │
│  CRITICAL findings × 10 = ___                           │
│  HIGH findings     × 5  = ___                           │
│  MEDIUM findings   × 2  = ___                           │
│  LOW findings      × 1  = ___                           │
│                          ─────                           │
│  Total Risk Score      = ___                            │
│                                                          │
├─────────────────────────────────────────────────────────┤
│  Risk Bands:                                            │
│  🟢  0-20   SECURE     System well-hardened            │
│  🟡 21-50   MODERATE   Some issues need attention       │
│  🟠 51-100  ELEVATED   Significant vulnerabilities      │
│  🔴 100+    CRITICAL   Immediate action required        │
└─────────────────────────────────────────────────────────┘

---

🔍 Bug Hunt Workflow

flowchart LR
    START([pbp bughunt]) --> CONFIG[Configuration<br/>Validation]
    CONFIG --> FIREWALL[Firewall<br/>Analysis]
    FIREWALL --> SERVICES[Service<br/>Health]
    SERVICES --> TIME[NTS Time<br/>Sync]
    TIME --> DNS[DNS<br/>Hardening]
    DNS --> CONTAINER[Container<br/>Privileges]
    CONTAINER --> PORTS[Open Port<br/>Scan]
    PORTS --> PERMS[File<br/>Permissions]
    PERMS --> REPORT[Generate<br/>Master Report]
    REPORT --> JSON[JSON]
    REPORT --> HTML[HTML]
    REPORT --> PDF[PDF]
    
    style START fill:#2ecc71
    style REPORT fill:#3498db
    style JSON fill:#f39c12
    style HTML fill:#f39c12
    style PDF fill:#f39c12

Loading

---

📊 Project Statistics

Metric	Value
Total Files	85+
Lines of Code	~6,400
Security Modules	7
Hook Scripts	35
CLI Commands	13
Test Coverage	✓ Validated
Documentation	2,000+ lines

---

🎯 Use Case Matrix

┌─────────────────┬──────────┬──────────┬──────────┬──────────┐
│                 │ Security │  SysOps  │ PenTest  │ DevSecOps│
│                 │ Engineer │  Admin   │  Team    │   Team   │
├─────────────────┼──────────┼──────────┼──────────┼──────────┤
│ Hardening       │    ✓✓✓   │    ✓✓    │    ✓✓    │    ✓✓✓   │
│ Compliance      │    ✓✓✓   │    ✓✓✓   │    ✓     │    ✓✓    │
│ Monitoring      │    ✓✓    │    ✓✓✓   │    ✓     │    ✓✓    │
│ Reporting       │    ✓✓✓   │    ✓✓✓   │    ✓✓    │    ✓✓    │
│ Automation      │    ✓✓    │    ✓✓✓   │    ✓     │    ✓✓✓   │
│ Rollback        │    ✓✓    │    ✓✓✓   │    ✓✓    │    ✓✓    │
└─────────────────┴──────────┴──────────┴──────────┴──────────┘

---

🚀 Quick Start

# 1. Install PBP
git clone https://github.com/cyclonite69/parrot-booty-protection.git
cd parrot-booty-protection
sudo bash scripts/install.sh

# 2. Enable core modules
sudo pbp enable time dns network

# 3. Run security scan
sudo pbp scan

# 4. View dashboard
pbp dashboard

Detailed Installation Guide →

---

📚 Documentation Index

📖 Getting Started

• Installation Guide - Complete setup instructions
• Quick Start - Get running in 5 minutes
• CLI Reference - All commands explained
• First Steps - Your first hardening workflow

🛡️ Security Modules

• Module Overview - All 7 modules explained
• TIME Module - NTS time synchronization
• DNS Module - Encrypted DNS
• NETWORK Module - Firewall configuration
• CONTAINER Module - Podman security
• AUDIT Module - System monitoring
• ROOTKIT Module - Malware detection
• RECON Module - Network scanning

📊 Advanced Features

• Reporting System - PDF/HTML/JSON reports
• Bug Hunt Mode - Comprehensive validation
• Risk Scoring - Understanding risk metrics
• Automation - Systemd timers and scheduling

🏗️ Architecture

• System Design - How PBP works
• Module System - Plugin architecture
• State Management - Configuration tracking
• Rollback System - Safe configuration changes

🔒 Security

• Security Audit - Vulnerability assessment
• Best Practices - Hardening guidelines
• Threat Model - Attack scenarios

🤝 Development

• Contributing Guide - How to contribute
• Module Development - Create new modules
• Parser Development - Add scanner support
• Testing Guide - Test your changes

---

🎬 Demo

$ pbp list
=== Available Modules ===
✓ time      - NTS-authenticated time synchronization
✓ dns       - Encrypted DNS over TLS
✓ network   - nftables stateful firewall
○ container - Podman rootless security
○ audit     - System activity monitoring
  rootkit   - Malware detection
  recon     - Network exposure validation

$ sudo pbp bughunt
Bug Hunt Complete!
==================
Report Location: /var/log/pbp/reports/bughunt_20260226_100000
Risk Score: 15
Total Findings: 3

View reports:
  JSON: .../master-report.json
  HTML: .../master-report.html
  PDF:  .../master-report.pdf

---

🌟 Features at a Glance

🎯 Core Features ✅ Modular architecture ✅ Automated scanning ✅ Professional reports ✅ TUI dashboard ✅ Bug hunt mode ✅ Rollback capability ✅ Risk scoring ✅ Systemd integration

🔒 Security Features ✅ Input validation ✅ Output escaping ✅ Privilege separation ✅ Immutable reports ✅ SHA256 checksums ✅ Audit logging ✅ Fail-safe defaults ✅ Defense-in-depth

---

🗺️ Roadmap

gantt
    title PBP Development Roadmap
    dateFormat  YYYY-MM
    section Phase 1-4
    Architecture       :done, 2026-01, 1w
    Core Engine        :done, 2026-01, 2w
    Security Modules   :done, 2026-02, 2w
    Reporting & UI     :done, 2026-02, 1w
    section Phase 5
    Web Dashboard      :active, 2026-03, 4w
    Policy Profiles    :2026-04, 2w
    Email Alerting     :2026-04, 1w
    section Phase 6
    SIEM Integration   :2026-05, 3w
    Multi-Host Mgmt    :2026-06, 4w
    Compliance Maps    :2026-07, 3w

Loading

---

🤝 Community

Report Bug • Request Feature • Discussions

---

"May your booty be guarded and your lines be encrypted." 🦜🏴‍☠️

Made with ❤️ for the security community

⬆ Back to Top