Kali Linux 2025.3, a Debian-based distribution designed for advanced penetration testing and security auditing, is now available for download, marking the third quarterly release of 2025.
One of the headline changes is the integration of Nexmon, a patched firmware that enables monitor mode and packet injection on certain Broadcom and Cypress Wi-Fi chips. So, with this release, Raspberry Pi boards—including the Raspberry Pi 5—regain support for Nexmon. In other words, users can once again leverage built-in wireless hardware for sniffing and injection tasks, without relying on external adapters.
On the virtualization side, Kali has refreshed its Vagrant VM images. The project moved away from its old Packer-based approach and rebuilt the workflow using DebOS, improving consistency across VM build scripts. This update also includes refreshed pre-seed examples and upgrades to the Packer v2 standard.
As expected, Kali 2025.3 also introduces some new tools – this time, ten. Highlights include Caido and Caido-cli for web security auditing, Detect It Easy (DiE) for file type identification, Gemini CLI to bring AI into the terminal, krbrelayx for Kerberos abuse, ligolo-mp for pivoting, and llm-tools-nmap to extend scanning through LLMs. Additional additions include mcp-kali-server, patchleaks, and vwifi-dkms.
Elsewhere, the team officially dropped ARMel support. Following Debian’s lead, older devices like the Raspberry Pi 1, Pi Zero W, and ODROID-W are no longer supported due to limited usage and high maintenance costs. Instead, efforts are shifting toward more modern architectures, including RISC-V.
The VPN-IP Xfce panel plugin received an update as well. It now allows users to select which interface the plugin monitors, a change aimed at people managing multiple VPN connections.
On the mobile side, Kali NetHunter saw a major refresh. The release adds a new supported device, the Samsung Galaxy S10, offering internal monitor mode with injection. The CARsenal toolkit also got a substantial update, including new modules, a rewritten simulator, and tighter Metasploit integration for automotive security testing.
ARM builds also benefit in this release. The Raspberry Pi images are now consolidated, with the 64-bit arm64 image recommended for Pi 5. The 32-bit armhf images remain available for older boards, such as the Raspberry Pi 2.
For users looking to upgrade from an earlier version, using the sudo apt full-upgrade command is recommended to ensure a smooth transition to the new release. If you plan a new installation, the distro is available for download from the project’s website.
Refer to the release announcement for detailed information about all changes in Kali Linux 2025.3.
