Kali Linux 2025.2 Release Notification >>>
The penetration testing community has received a significant upgrade with the release of Kali Linux 2025.2, marking another milestone in the evolution of this essential cybersecurity platform.
This latest version introduces groundbreaking smartwatch capabilities, a completely redesigned menu system, and a comprehensive suite of new tools that promise to enhance both red and blue team operations.
Perhaps the most exciting development in Kali Linux 2025.2 is the introduction of the first smartwatch with actual wireless injection support, new tools, and Android radio.
After three years of development, the TicWatch Pro 3 (all variants with bcm43436b0 chipset) now supports full wireless injection capabilities, including de-authentication attacks and WPA2 handshake capture.
This breakthrough was made possible through exceptional collaboration between developers and the NexMon team, representing a significant advancement in portable penetration testing capabilities.
Kali Linux 2025.2 Latest Features >>>
Kali Linux 2025.2 features a completely reworked menu system that abandons the legacy BackTrack structure in favor of the MITRE ATT&CK framework.
This reorganization makes tool discovery significantly more intuitive for both red and blue teams, addressing long-standing issues with tool organization and accessibility.
The new system is fully automated, replacing the previous manual management approach that had become increasingly difficult to maintain as the tool collection grew.
The release brings substantial improvements to desktop environments, with GNOME upgraded to version 481. Key enhancements include notification stacking, performance improvements, dynamic triple buffering, enhanced image viewer capabilities, digital wellbeing features, and HDR support.
KDE users receive Plasma 6.3, featuring a major overhaul of fractional scaling, improved screen color accuracy with Night Light, and enhanced system monitoring capabilities.
A notable addition is the new GNOME VPN IP extension, which displays the current VPN connectionβs IP address directly in the panel and allows one-click clipboard copying. This community-contributed feature mirrors similar functionality previously available only in Xfce environments.
Active Directory reconnaissance capabilities receive a major boost with the integration of BloodHound Community Edition. The update includes a complete set of ingestors: azurehound, bloodhound-ce-python, and sharphound.
This upgrade provides a smoother interface, better performance, and enhanced capabilities for mapping complex Active Directory environments.
The Kali Linux 2025.2 release introduced a teaser feature showcasing Kali NetHunter KeX running on Android radio systems. This development represents what appears to be the first use case of its kind, serving as a preview for upcoming Android Auto support that will work with any non-Android-based head unit that supports Android Auto.
The Android radio integration leverages the Kali NetHunter Desktop Experience (KeX) technology. KeX allows users to run full Kali Linux desktop sessions with support for screen mirroring via HDMI or wireless screen casting.
In the context of Android radios, you can use your Android head unit as a KeX client to connect to your phone running a KeX server.
Kali Linux 2025.2 introduces thirteen new tools to the network repositories, including azurehound for Microsoft Azure data collection, binwalk3 for firmware analysis, and bopscrk for intelligent wordlist generation.
Complete List of Latest Tools >>>
| Tool Name | Description | Category | Function |
|---|---|---|---|
| azurehound | BloodHound data collector for Microsoft Azure | Reconnaissance | Collects Azure data for BloodHound Community Edition. |
| binwalk3 | Firmware Analysis Tool | Forensics | Analyzes and extracts firmware images to identify embedded files and code. |
| bloodhound-ce-python | Python based ingestor for BloodHound CE | Reconnaissance | Python implementation of BloodHound data collector for Active Directory. |
| bopscrk | Generate smart and powerful wordlists | Password Attacks | Creates targeted wordlists for password cracking based on personal information. |
| chisel-common-binaries | Prebuilt binaries for chisel | Tunneling | Fast TCP/UDP tunnel transported over HTTP, secured via SSH. |
| crlfuzz | Fast tool to scan CRLF vulnerability written in Go | Web Application Analysis | Detects Carriage Return Line Feed injection vulnerabilities. |
| donut-shellcode | Generates position-independent shellcode from memory | Exploitation | Creates x86/x64 shellcode payloads from .NET assemblies. |
| gitxray | Scan GitHub repositories and contributors to collect data | Information Gathering | Analyzes GitHub repositories for security issues and OSINT purposes. |
| ldeep | In-depth LDAP enumeration utility | Reconnaissance | Explores and analyzes LDAP directories for security assessment. |
| ligolo-ng-common-binaries | Prebuilt binaries for Advanced ligolo-ng | Tunneling | Tunneling tool that uses a TUN interface for network pivoting. |
| rubeus | Raw Kerberos interaction and abuses | Exploitation | C# toolkit for Kerberos interaction and exploitation in Active Directory. |
| sharphound | BloodHound CE collector | Reconnaissance | Official data collector for BloodHound Community Edition. |
| tinja | CLI tool for testing web pages for template injection | Web Application Analysis | Detects and identifies template injection vulnerabilities in web applications |
Additional tools include crlfuzz for CRLF vulnerability scanning, donut-shellcode for position-independent shellcode generation, and gitxray for GitHub repository analysis.
The NetHunter platform receives significant updates, including the introduction of CARsenal (formerly CAN Arsenal), a comprehensive car hacking toolset.
New kernel support extends to additional devices, including Xiaomi Redmi 4/4X and Redmi Note 11. ARM single-board computer support has been consolidated, with Raspberry Pi 5 now supported by the unified 64-bit image and upgraded to a 6.12-based kernel.
Kali Linux 2025.2 represents a substantial evolution in penetration testing capabilities, combining innovative hardware support with comprehensive software improvements.
The smartwatch Wi-Fi injection capability alone positions this release as a game-changer for mobile security assessments, while the restructured menu system and expanded tool collection ensure continued relevance for cybersecurity professionals worldwide.
The official Kali Linux 2025.2 images are now available through the primary download portal at kali, which offers access to tested and quality-assured release images.
Users have the option to either download a new image of Kali Linux 2025.2 or upgrade their current installations to leverage the latest features and enhancements.
βββ(kaliγΏkali)-[~]
ββ$ echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee /etc/apt/sources.list
[...]
βββ(kaliγΏkali)-[~]
ββ$ sudo wget https://archive.kali.org/archive-keyring.gpg -O /usr/share/keyrings/kali-archive-keyring.gpg
[...]
βββ(kaliγΏkali)-[~]
ββ$ sudo apt update && sudo apt -y full-upgrade
[...]
βββ(kaliγΏkali)-[~]
ββ$ cp -vrbi /etc/skel/. ~/
[...]
βββ(kaliγΏkali)-[~]
ββ$ [ -f /var/run/reboot-required ] && sudo reboot -f
To check the version
βββ(kaliγΏkali)-[~]
ββ$ grep VERSION /etc/os-release
VERSION_ID="2025.2"
VERSION="2025.2"
VERSION_CODENAME=kali-rolling
βββ(kaliγΏkali)-[~]
ββ$ uname -v
#1 SMP PREEMPT_DYNAMIC Kali 6.12.25-1kali1 (2025-04-30)
βββ(kaliγΏkali)-[~]
ββ$ uname -r
6.12.25-amd64
