Table of Contents
TLDR
Kali Linux 2025.3 launches with 10 powerful new security tools including Caido web auditing toolkit, Detect It Easy file analysis, and Gemini CLI AI integration. The release brings back Nexmon support for Raspberry Pi wireless injection, enhanced VM tooling, and CARsenal car hacking updates. Security professionals gain advanced capabilities for network testing, file analysis, and mobile penetration testing.
Introduction to Kali Linux 2025.3
Kali Linux 2025.3 arrives with significant updates that push penetration testing capabilities further forward. This latest release focuses on enhanced wireless testing, streamlined VM deployment, and powerful new security tools.
The update targets IT security professionals seeking cutting-edge testing capabilities. The release includes Packer and Vagrant improvements, Nexmon support restoration, and 10 new tools for comprehensive security testing.
Key Kali Linux 2025.3 Features
Enhanced Virtual Machine Management
Kali has refreshed its HashiCorp integration, upgrading from Packer v1 to v2 standards whilst streamlining VM building processes. The team moved from Packer-based Vagrant generation to more efficient workflows.
These changes improve consistency across pre-seed examples and build scripts. Security teams benefit from more reliable VM deployments for testing environments.
Nexmon Wireless Support Returns
Nexmon support brings “patched” firmware for Broadcom and Cypress wireless chips, enabling monitor mode packet sniffing and injection capabilities. Raspberry Pi devices, including the Pi 5, now support internal wireless testing.
Both monitor mode and injection work on 2.4GHz and 5GHz frequencies, providing comprehensive wireless assessment capabilities. This functionality proves essential for network penetration testing services requiring wireless attack vectors.
Configurable VPN Monitoring
The Xfce VPN-IP panel plugin now supports multiple network interfaces. Users can monitor different VPN connections by configuring the interface parameter in preferences.
This enhancement benefits security professionals managing multiple VPN connections during assessments. Right-clicking the plugin opens configuration options for interface selection.
10 New Hacking Tools in Kali Linux 2025.3
Web Security Testing Tools
Caido and Caido-cli provide comprehensive web security auditing capabilities. Caido offers the graphical desktop interface whilst Caido-cli handles server-side operations for web application testing.
According to William Fieldhouse, Director of Aardwolf Security Ltd: “Caido being added to the platform is a nice addition. It provides an excellent alternative to traditional web application testing tools, with a modern interface that security professionals will appreciate for comprehensive web audits.”
File Analysis and Detection
Detect It Easy (DiE) delivers advanced file type identification capabilities. This tool helps analysts quickly determine file formats and potential threats during forensic investigations.
The software integrates seamlessly with existing Kali workflows. Security teams use DiE for malware analysis and file classification tasks.
AI-Powered Security Tools
Gemini CLI brings artificial intelligence directly into terminal operations. This open-source AI agent enables Gemini integration for command-line security tasks.
llm-tools-nmap combines large language models with network discovery. The tool enables AI-assisted network scanning and security assessment automation.
Network Pivoting Solutions
ligolo-mp offers multiplayer pivoting functionality for complex network assessments. Security teams use this tool for lateral movement during penetration testing services.
vwifi-dkms creates “dummy” Wi-Fi networks for testing scenarios. The tool establishes controlled wireless environments without requiring physical hardware.
Kerberos and Active Directory Testing
krbrelayx provides Kerberos relaying and unconstrained delegation abuse capabilities. This toolkit targets Active Directory environments commonly found in enterprise assessments.
Security professionals leverage krbrelayx for privilege escalation and lateral movement testing. The tool complements existing AD testing methodologies.
Patch Analysis and AI Integration
patchleaks identifies security fixes and provides detailed vulnerability descriptions. Teams can validate or weaponise discovered patches quickly.
mcp-kali-server configures MCP connections between AI agents and Kali systems. This integration streamlines automated security testing workflows.
Kali NetHunter Updates
Mobile Wireless Injection
The Samsung Galaxy S10 now supports internal monitor mode with wireless injection on both 2.4GHz and 5GHz frequencies. This collaboration between Nexmon team, @V0lk3n, and @yesimxev delivers budget-friendly wireless testing capabilities.
The TicWatch Pro 3 smartwatch supports wireless injection, deauthentication, and WPA2 handshake capture through exceptional collaboration efforts. This advancement brings wireless testing to wearable devices.
CARsenal Automotive Testing
CARsenal expands car hacking capabilities with UI improvements, new simulation tools, and Metasploit Framework integration. The toolset includes ICSim and UDSim simulators for controlled testing environments.
New features include hardware bridge connectivity and post-exploitation modules. OnePlus6 kernel support enables CAN testing on additional mobile platforms.
Enhanced Application Stability
Significant code updates improve UI stability, replace deprecated libraries, and upgrade threading mechanisms from AsyncTask to Executor. These changes enhance NetHunter application performance and reliability.
Boot animation fixes and API compatibility improvements support Android versions 21 through 34+. Updated BusyBox binaries and vulnerability databases strengthen testing capabilities.
ARM and Raspberry Pi Improvements
Kali ARM addresses kernel update issues whilst recommending 64-bit (arm64) images over 32-bit (armhf) for Raspberry Pi devices. The unified arm64 image supports both Raspberry Pi 4 and Pi 5 models.
ARMel architecture support ends, following Debian’s decision to discontinue support for legacy hardware including original Raspberry Pi and Pi Zero W models. This change allows resource allocation towards modern platforms like RISC-V.
Getting Started with Kali Linux 2025.3
Fresh Installations
Download Kali Linux 2025.3 from the official website in various formats. Options include 64-bit, ARM, VM, Cloud, WSL, and mobile platform versions.
Choose the appropriate image based on your hardware requirements. ARM64 images work best for modern Raspberry Pi devices.
Existing System Updates
Current Kali users can upgrade using standard apt commands:
sudo apt update && sudo apt full-upgradeThe update process maintains existing configurations whilst adding new tools. Verify the upgrade success by checking version information.
Professional Testing Services
Security teams requiring comprehensive assessments should consider partnering with top pen testing companies for complex engagements. Professional services complement Kali’s capabilities with expert analysis.
Request a penetration test quote for tailored security assessments using the latest Kali Linux 2025.3 tools and methodologies.
FAQ
What are the main new features in Kali Linux 2025.3?
Kali Linux 2025.3 introduces 10 new security tools, Nexmon support for Raspberry Pi wireless injection, enhanced VM tooling with Packer and Vagrant improvements, and updated CARsenal car hacking capabilities. The release also includes NetHunter mobile updates and ARM architecture improvements.
Which new tools are included in Kali Linux 2025.3?
The 10 new tools include Caido and Caido-cli for web security auditing, Detect It Easy for file analysis, Gemini CLI for AI integration, krbrelayx for Kerberos testing, ligolo-mp for network pivoting, llm-tools-nmap for AI-powered scanning, mcp-kali-server for AI agent connectivity, patchleaks for vulnerability analysis, and vwifi-dkms for wireless network simulation.
Does Kali Linux 2025.3 support wireless injection on Raspberry Pi?
Yes, Nexmon support enables monitor mode and injection capabilities for Raspberry Pi’s built-in Wi-Fi, including support for Raspberry Pi 5. The functionality works on both 2.4GHz and 5GHz frequencies through patched Broadcom and Cypress firmware.
How do I update my existing Kali Linux installation to version 2025.3?
Run sudo apt update && sudo apt full-upgrade in your terminal to upgrade to Kali Linux 2025.3. Verify the update by checking grep VERSION /etc/os-release which should show version 2025.3. The process maintains existing configurations whilst adding new tools and features.
What mobile devices support NetHunter wireless injection in Kali Linux 2025.3?
The Samsung Galaxy S10 now supports internal monitor mode with wireless injection on both frequency bands, whilst the TicWatch Pro 3 smartwatch enables wireless injection, deauthentication, and WPA2 handshake capture. OnePlus6 devices also gain CAN testing capabilities through new kernel support.
