Kali Linux 2025.4: New Tools & Major Quality-of-Life Upgrades
▼ Summary
– OffSec has released Kali Linux 2025.4, a new version of its penetration testing and digital forensics platform.
– The update includes usability improvements across its GNOME, KDE Plasma, and Xfce desktop environments, such as organized tool folders and new screenshot features.
– Three new tools are introduced: bpf-linker for linking BPF files, evil-winrm-py for remote Windows command execution, and hexstrike-ai for AI agent tool automation.
– Kali NetHunter, the mobile platform, now supports additional devices including specific Samsung Galaxy, OnePlus Nord, and Xiaomi Mi models.
– The Kali Live bootable image is now only downloadable via BitTorrent due to its increased size, similar to the existing policy for the Kali Everything image.
The latest release of the popular security platform, Kali Linux 2025.4, is now available from OffSec, delivering a suite of user experience refinements alongside its expected batch of new penetration testing utilities. This update focuses heavily on improving the daily workflow for security professionals across its supported desktop environments, making tools more accessible and interactions more intuitive.
For users of the GNOME desktop, Kali tools within the application grid are now neatly organized into folders, streamlining navigation. A convenient new shortcut also allows for rapid terminal window access directly from the desktop. The KDE Plasma environment receives several practical upgrades, including a revamped screenshot utility with built-in editing capabilities. It also introduces quicker access to pinned clipboard items, and its search function has been enhanced with better fuzzy matching, correctly identifying applications even when their names are misspelled. Meanwhile, the Xfce desktop now includes support for applying system-wide color themes.
As with every release, new tools are a central feature. Version 2025.4 introduces three significant additions. The first is bpf-linker, a utility designed for statically linking multiple BPF (Berkeley Packet Filter) object files. It performs the necessary optimizations to ensure compatibility with older Linux kernels. Next is evil-winrm-py, a Python-based implementation of a tool for executing commands on remote Windows machines via the Windows Remote Management (WinRM) protocol. Finally, hexstrike-ai arrives as an MCP (Model Context Protocol) server, enabling AI agents to autonomously operate security tools within the Kali ecosystem.
The mobile penetration testing platform, Kali NetHunter, has expanded its hardware compatibility. It now offers support for the Samsung Galaxy S10 series devices, including the S10, S10e, S10 Plus, and S10 5G, when they are running LineageOS 23. Support has also been added for the OnePlus Nord running Android 16 and the Xiaomi Mi 9 running Android 15.
A notable change concerns distribution methods for one of the platform’s images. Due to its substantially increased file size, the Kali Live image, a bootable version that runs directly from removable media like a USB drive, will now be available for download exclusively via BitTorrent. This mirrors the existing distribution method for the comprehensive Kali Everything image, which contains all available tools. All other standard Kali Linux 2025.4 installation images remain available for direct download through the official channels.
(Source: HelpNet Security)
