Kali Linux 2025.2 adds 13 new hacking tools, smartwatch Wi-Fi injection & MITRE-based menu

Kali Linux 2025.2 introduces a redesigned Kali Menu based on the MITRE ATT&CK framework, replacing the old BackTrack layout to improve tool discovery and make it easier for users to locate penetration testing tools. It also becomes the first OS to support full Wi-Fi injection on a smartwatch, enabling de-auth and WPA2 handshake capture on the TicWatch Pro 3 through collaboration with the NexMon team.

Desktop updates include GNOME 48 with notification stacking, HDR support, and wellbeing tools, and KDE Plasma 6.3 with improved fractional scaling and monitoring. A new GNOME VPN IP extension displays the active VPN IP in the panel. BloodHound Community Edition tools are now integrated for enhanced AD recon, and NetHunter adds Android radio support via KeX, allowing full Kali sessions on Android Auto head units.

Thirteen new tools join the release, including Azurehound, binwalk3, bloodhound-ce-python, bopscrk, chisel-common-binaries, crlfuzz, donut-shellcode, gitxray, ldeep, ligolo-ng-common-binaries, rubeus, sharphound, and tinja. Kali Nethunter users gain access to the new CARsenal suite for automotive security assessments. Raspberry Pi 5 is now supported via unified 64-bit images running Linux 6.12. Other improvements include new wallpapers, xclip pre-installed, and image availability across 64-bit, ARM, cloud, WSL, and mobile platforms.