Kali has released its third build of the year, Kali Linux 2025.3, focusing on wireless and mobile offensive capabilities. The update reintroduces Nexmon support—restoring reliable Raspberry Pi 5 operation—adds 10 new tools, and delivers notable improvements to Kali NetHunter, including an updated profile for Samsung S10 and ongoing enhancements for the Car Hacking track.
Kali Linux 2025.3: key changes for Wi‑Fi and embedded assessments
Kali’s earlier 2025.1 release changed the Raspberry Pi kernel packaging and major branch, which temporarily affected some Wi‑Fi workflows. With 2025.3, Kali restores the expected ecosystem behavior: Nexmon is back, enabling monitor mode and frame injection on supported chipsets and reestablishing robust operation on the Raspberry Pi 5. Nexmon is not Pi‑exclusive; it benefits any compatible Broadcom/Cypress device.
The release also introduces 10 additional tools. While the full list is not detailed, Kali’s interim updates typically broaden coverage across reconnaissance, network analysis, service hardening evaluation, exploitation, and automation—reducing the need for custom setup in common pentest playbooks.
Why Nexmon matters: monitor mode and frame injection for Wi‑Fi testing
Nexmon is a firmware patching framework for Broadcom and Cypress Wi‑Fi chipsets that enables monitor mode (passive packet capture on the radio layer) and frame injection (crafted 802.11 frames) on hardware that does not natively expose these features. For red teams and auditors, this unlocks richer wireless assessments: capturing management/control traffic, validating WIDS/WIPS detections, and testing 802.11 protections such as PMF and WPA2/3 handshakes. See: Nexmon project.
In practice, this allows tasks such as simulating misconfigured roaming, stress‑testing AP isolation, validating deauthentication resilience where permitted, and auditing BYOD/IoT segments that often rely on consumer‑grade radios. Industry reports (e.g., Verizon DBIR) continue to highlight configuration weaknesses and credential misuse; robust Wi‑Fi telemetry and injection help teams reproduce and mitigate those real‑world failure modes.
Kali NetHunter and Car Hacking: stronger mobile and automotive workflows
Kali NetHunter receives stability improvements and broader device coverage, including updates for the Samsung S10. Field operators benefit from a touch‑optimized interface, direct access to the Kali toolchain, and flexible use of external radios and hardware modules. Documentation and device support resources remain available via Kali NetHunter docs.
The NetHunter Car Hacking profile continues to evolve with an updated UI and numerous bug fixes. The team also plans tutorial content for the CARsenal toolset, helping practitioners ramp up on standardized CAN/LIN testing without relying on access to live vehicles. This lowers barriers for training ranges and reproducible lab exercises targeting ECUs and in‑vehicle networks.
Operational impact and upgrade guidance for security teams
For wireless and embedded testing, the return of Nexmon translates to predictable lab builds on Raspberry Pi 5 and other supported platforms. Portable Wi‑Fi kits—Pi 5, compatible adapters, and Kali—simplify on‑site audits, classroom instruction, and R&D, especially where wireless remains a high‑risk ingress for office networks and IoT fleets. Organizations can reuse these setups for continuous assurance and regression testing of WIDS/WIPS policies.
Before upgrading, verify driver and module compatibility, back up configurations, and test mission‑critical workflows. Typical steps include updating repositories and packages (e.g., “apt update” and a full distribution upgrade), then validating kernel/firmware versions for wireless adapters used in monitor and injection modes. Raspberry Pi users should confirm the kernel branch and chipset support; NetHunter users should cross‑check the latest supported device matrix and flashing instructions to avoid soft‑bricks or radio regressions.
Kali Linux 2025.3 is a meaningful step for offensive security practitioners: Nexmon restoration and NetHunter enhancements strengthen wireless and automotive testing playbooks. Teams building Wi‑Fi labs or exploring auto‑sec should pilot the release, update standard operating procedures, and add targeted checks for 802.11 and vehicle network attack surfaces to their audit plans.
