Kali Linux 2025.3: 10 New Tools and Boosted Wi-Fi

The new Kali Linux 2025.3 update marks a significant step in the evolution of this flagship distribution dedicated to IT security and ethical hacking. Designed for pentesting and security audit specialists, Kali Linux continues to expand its arsenal with the integration of ten innovative tools, while also bringing significant improvements to Wi-Fi support thanks to Nexmon, a firmware framework that extends the capabilities of Broadcom chips. This release, which is part of the 2025 release plan, is particularly targeted at professionals working on wireless networks, as well as those leveraging the power of Raspberry Pi and other ARM platforms, now with native support for the latest generation Raspberry Pi 5. Furthermore, NetHunter, Kali Linux’s mobile environment, receives a series of optimizations that facilitate penetration testing operations on smartphones, thus strengthening the versatility of this Linux distribution dedicated to cybersecurity. Technical Overview of Kali Linux 2025.3’s 10 New Tools for Advanced Pentesting

The richness of Kali Linux lies in its interface with a vast ecosystem of tools designed for various penetration testing and security audit scenarios. Version 2025.3 introduces ten new utilities that cover a wide range of uses, from web pentesting to network discovery, while leveraging advances in artificial intelligence. Among these tools,

Caido stands out as a complete suite dedicated to web security auditing. It is divided into two components: Caido-cli , the server component, andCaido for the graphical interface, providing pentesters with a seamless and robust experience for analyzing their targets.

The Detect It Easy (DiE) software It assists in the precise identification of file types, a valuable asset when analyzing malware or unknown binaries. This tool increases the speed and reliability of static analysis. In line with the rise of artificial intelligence, Kali also integrates Gemini CLI, an open-source AI agent that allows the power of Gemini, a general intelligence model, to be directly harnessed via the terminal. This integration is part of a trend toward automating cybersecurity tasks, particularly in sorting and interpreting large amounts of data from network scans.

The krbrelayx tool specifically targets Kerberos protocols to facilitate relay attacks and the abuse of unconstrained delegation, advanced techniques often used in penetration testing on complex enterprise networks. For multi-user pivoting needs during distributed attacks, ligolo-mp is a pivoting solution that enhances Kali. Network defense is also enhanced by llm-tools-nmap, an add-on that allows language models (LLM) to run Nmap scans, combining the power of AI with the most trusted scanning tool for uncovering infrastructure vulnerabilities.

MCP-kali-server facilitates the configuration of AI agents for Kali, a key step in integrating artificial intelligence into the pentest workflow.
Patchleaks focuses on the rapid detection of security patches and their detailed description, allowing analysts to quickly validate or exploit recently patched vulnerabilities.
Finally, vwifi-dkms offers a tool for creating temporary “dummy” Wi-Fi networks, ideal for simulating accessible Wi-Fi environments or testing equipment behavior without risk.

These tools illustrate Kali Linux’s commitment to remaining at the forefront of cybersecurity, integrating solutions for both network security and the new opportunities offered by artificial intelligence and virtualization. This update builds on previous releases, enhancing stability while providing users with access to programs that facilitate complex audits and in-depth investigations.

Discover what's new in Kali Linux 2025.3: 10 powerful new tools, major Wi-Fi improvements, and essential updates for cybersecurity experts. Analysis, pentesting, and security are all here!

Wi-Fi improvements and Nexmon integration: a revolution in Wi-Fi hacking under Kali Linux

Improved wireless network support is one of the major focuses highlighted in this 2025.3 release. Nexmon, an open-source framework for modifying the firmware of Broadcom and Cypress Wi-Fi chips, now enables key features such as monitor mode and frame injection, essential for Wi-Fi hacking and in-depth analysis of wireless networks in real-world conditions. While pentesting professionals often operate in environments where the wireless network represents a critical entry point, Nexmon breathes new life into penetration testing. Native support in Kali Linux simplifies the use of Nexmon, whereas previously complex manual manipulations were required. Expanded support for new platforms, now including Raspberry Pi 5, offers increased flexibility for field engagements, allowing users to easily deploy mobile or embedded systems with enhanced Wi-Fi capabilities. To give a concrete example, a security expert can now configure a Raspberry Pi 5 equipped with Kali and Nexmon to intercept and analyze Wi-Fi traffic in passive mode via monitor mode, then inject packets to test an access point’s resistance to specific attacks, without having to rely on additional proprietary hardware.

Easily enable monitor mode to capture network traffic. Packet injection to simulate attacks or weaken connections.Cross-platform support and improvements to Broadcom/Cypress firmware.

Performance optimizations on Raspberry Pi 4 and 5, as well as other compatible Linux distributions.

Improvements have been integrated into the NetHunter manager to leverage these features on mobile devices.
Furthermore, the integration of Nexmon into Kali Linux also comes with a major update for NetHunter, the Kali Linux environment dedicated to mobile devices. Support is extended to smartphones like the Samsung S10, improving usability for mobile pentesters. Additionally, the CARsenal project, focused on automotive hacking, receives a graphical refresh and bug fixes for a better experience when performing penetration testing on embedded systems.
Discover what’s new in Kali Linux 2025.3: 10 new must-have tools and major Wi-Fi improvements. Stay up to date with the latest advances in cybersecurity and penetration testing.
https://www.youtube.com/watch?v=VQpVTDv7YgE
System optimizations and advanced virtual network management in Kali Linux 2025.3

In addition to the functional additions, Kali Linux 2025.3 also improves several essential systemic aspects for professionals dedicated to IT security and ethical hacking. Among the notable new features, the IP VPN plugin in the Xfce environment has been enhanced to allow users to precisely select which network interface they want to monitor, thus simplifying VPN connection monitoring.

This new feature is particularly useful for analysts using multiple virtual connections simultaneously, allowing more precise management of data flows and immediate access to associated IP addresses. It also makes it easier to copy the VPN IP address to the clipboard for quick use in work or documentation sessions.

Another fundamental change is the discontinuation of support for the ARMel (Acorn RISC Machine Little-Endian) architecture, in line with the phase-out of older hardware. Kali now prioritizes ARM64, which optimizes compatibility with modern processors while improving security through more advanced kernel features. This transition, however, requires careful attention during updates, as highlighted in a recent article on update failures in Kali Linux.

Better VPN management with specific interface selection in Xfce.

Removal of ARMel support to refocus efforts on ARM64.

Ability to install kernel modules via Magisk, although this feature is still experimental.

Optimizations for integration into virtual and container environments.

Updates to the HashiCorp Packer and Vagrant tools for faster and more reliable deployment of Kali VMs.
Kali Linux 2025.3 also improves its flexibility in virtualized environments such as Windows Subsystem for Linux (WSL). WSL2’s recommended usage now provides better support for graphical applications and smoother interactions between Windows and Kali—a major advancement for users who leverage dual boot or virtualization to work with Linux without leaving their primary system.
https://www.youtube.com/watch?v=m06GQYQ5u1Y
Installation and Upgrade Procedures: Maintaining a Secure and High-Performance Kali Linux System
Upgrading to Kali Linux 2025.3 can be done as a full upgrade or via a fresh installation using ISO images adapted to various platforms. For a Linux system administrator, mastering the upgrade commands is crucial to ensuring the continuity of uninterrupted security audits. It is recommended to ensure that the Kali Rolling repository sources are properly configured before launching the update, with the following line:

echo “deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware” | sudo tee /etc/apt/sources.list

Then, a full update is performed via:

sudo apt update && sudo apt -y full-upgrade

Finally, to complete the operation properly, a copy of the standard profile’s personal files is made, and a system reboot can be triggered automatically if necessary:

cp -vrbi /etc/skel/. ~/

[ -f /var/run/reboot-required ] && sudo reboot -f

Windows users running Kali Linux via WSL should migrate to the WSL2 version to take advantage of the graphics and performance improvements. A check of the current WSL version is performed with the command:

wsl -l -v

in a Windows terminal

For deployment on virtual machines, using the latest versions of HashiCorp Packer and Vagrant integrated into Kali 2025.3 enables automated and reliable installation that reduces human error. The wide range of platforms supported by the Kali 2025.3 ISO images facilitates implementation on servers, workstations, and ARM platforms like Raspberry Pi.
To explore all the new features and fixes, the complete Kali Linux 2025.3 changelog is available on the official website. This detailed tracking is recommended to understand the detailed changes and anticipate the potential impact on production environments.

Discover what’s new in Kali Linux 2025.3: 10 powerful new tools and major Wi-Fi improvements to optimize your IT security and penetration testing experience. Impact of Kali Linux 2025.3 on IT Security Practices and Outlook for Ethical Hacking

Kali Linux remains an essential tool for IT security experts, whether for penetration testing, wireless network audits, or malware and vulnerability investigations. Version 2025.3 consolidates this position by providing not only new tools but also hardware improvements, particularly in the area of Wi-Fi hacking, which is crucial in a context where securing wireless networks is becoming increasingly complex. The availability of Nexmon on ARM architectures, and particularly on the latest generation of Raspberry Pis, democratizes access to sophisticated penetration testing on mobile and embedded devices. This opens the door to new red team strategies, particularly for simulating attacks targeting critical infrastructure in industrial or urban environments.

From a software perspective, the integration of AI agents like Gemini CLI into Kali Linux also paves the way for more proactive security. AI-powered tools optimize the exploration and analysis of complex environments, reducing the time needed to detect vulnerabilities or review security patches with tools like Patchleaks.

Tangible improvements in the accuracy and speed of penetration testing.

Expanded mobile and embedded pentesting capabilities with NetHunter and Nexmon.

An innovative approach to using artificial intelligence for cybersecurity.

Enhanced tools for wireless network audits, often overlooked in infrastructure.

Adaptation to modern ARM64 and virtualized environments for better compatibility.

Ultimately, version 2025.3 positions Kali Linux as a modern, essential player in the landscape of Linux distributions dedicated to security and ethical hacking. To stay up-to-date on Linux trends and optimize your technical capabilities, it’s also recommended to complement your use of Kali with a solid understanding of the fundamentals of Linux and its environments, as illustrated by the guides on Linux terminal functionality and Windows virtualization.