Kali Linux 2025.3: Enhanced VM Support & 10 New Tools
▼ Summary
– OffSec has released Kali Linux 2025.3, the latest version of its penetration testing and digital forensics platform.
– The update includes improved virtual machine tooling with more consistent and manageable scripts and workflows.
– Nexmon Wi-Fi support has been reintroduced, enabling monitor mode and packet injection on more devices like the Raspberry Pi 5.
– Ten new tools have been added, including security auditing, file identification, and AI-integrated utilities like Caido and Gemini CLI.
– Additional improvements include updates to NetHunter and CARsenal toolkits, the removal of ARMel support, and a configurable Xfce VPN-IP panel plugin.
The latest iteration of the penetration testing platform, Kali Linux 2025.3, is now available from OffSec. This release introduces significant enhancements to its virtual machine infrastructure and integrates a suite of ten new tools, reinforcing its position as a leading resource for cybersecurity professionals and digital forensics experts.
A major focus of this update is on improving the platform’s virtual machine capabilities. The underlying scripts and workflows responsible for building and distributing VM images have been overhauled. These refinements result in a more consistent and manageable process for users who rely on Kali within virtualized environments.
Nexmon Wi-Fi support has been reintroduced, extending functionality to a wider array of hardware. This firmware patch is crucial for enabling monitor mode and packet injection on specific wireless chipsets. The renewed support is particularly beneficial for users of various Raspberry Pi models, including the newer Pi 5, expanding the options for portable penetration testing setups.
This version also enriches the toolkit arsenal with ten new additions. The lineup includes Caido and Caido-cli, which together form a comprehensive web security auditing toolkit. For file analysis, Detect It Easy (DiE) provides robust file type identification. The integration of AI continues with Gemini CLI, an open-source agent that brings Google’s Gemini AI directly to the command line. Security researchers will appreciate krbrelayx, a toolkit designed for Kerberos relaying and exploiting unconstrained delegation.
Network tunneling receives an upgrade with ligolo-mp, an advanced iteration of Ligolo-ng that supports multiple concurrent tunnels for collaborative testing. Bridging artificial intelligence and network reconnaissance, llm-tools-nmap empowers large language models to conduct security scans. The mcp-kali-server offers a configuration to seamlessly connect AI agents to the Kali environment. For code analysis, patchleaks compares different versions of a codebase to highlight and explain changes, making it easier to identify security patches. Finally, vwifi-dkms is a new utility for creating and managing dummy Wi-Fi networks.
Beyond the new tools, the release includes several additional refinements. The NetHunter toolkit for mobile penetration testing and the CARsenal toolkit for automotive hacking have both been updated. Support for the older ARMel architecture has been discontinued, allowing the development team to focus on more modern systems. To improve daily usability, the Xfce desktop environment’s VPN-IP panel plugin is now configurable, offering users greater control over their network connections.
Kali Linux 2025.3 is ready for download, providing the cybersecurity community with an updated and more powerful platform for their security assessments.
(Source: HelpNet Security)
