Kali Linux gets a major upgrade with more than 10 new hacking tools, plus VPN IP extension, great for ethical hackers and pentest pros
- Kali Linux 2025.2 brings powerful new tools for experienced penetration testers
- Offensive Security realigns Kali’s interface with MITRE ATT&CK – finally, structure meets hacking function
- New BloodHound tools hint at deeper Azure and Active Directory targeting than ever before
The newest update to Kali Linux, version 2025.2, introduces over a dozen new tools alongside enhancements to user experience and platform support.
Offensive Security, the developers behind the Debian-based distribution, announced its general availability with a clear focus on aligning the system with the MITRE ATT&CK framework.
The restructured Kali Menu is now tailored to make tool discovery more intuitive, but whether this structural change leads to meaningful workflow improvement remains to be seen.
Thirteen new tools for advanced offensive capabilities
Included in the new release are 13 additional tools, many of which are specialized for advanced offensive operations.
Tools like azurehound for Azure directory data collection and bloodhound-ce-python, a Python ingestor for BloodHound CE, appear to target complex enterprise environments.
Meanwhile, binwalk3 expands firmware analysis capabilities, and bopscrk enables custom wordlist creation based on intelligent algorithms.
Some additions, such as crlfuzz, which is “a fast tool to scan CRLF vulnerability written in Go,” and donut-shellcode, which lets users “generate position-independent shellcode from memory and run it,” suggest the release continues to cater to skilled practitioners.
Kali Linux 2025.2 also adds chisel-common-binaries and ligolo-ng-common-binaries, both of which offer prebuilt binaries aimed at tunneling and pivoting, activities common in red teaming.
In terms of enumeration and lateral movement, tools like ldeep, described as “an in-depth LDAP enumeration utility,” and rubeus, focused on “raw Kerberos interaction and abuses,” contribute further.
While these tools may appeal to ethical hackers, the level of expertise required to operate them effectively can act as a limiting factor for beginners.
Among the most visible quality-of-life improvements is the integration of the new GNOME VPN IP extension, which allows direct viewing of the VPN IP address from the panel.
Though this feature is convenient, it is not spectacular, and it best remains a fringe addition.
This new update also supports GNOME 48 and KDE Plasma 6.3 desktop environments.
Raspberry Pi users now have a new update that combines some Raspberry Pi OS images, eliminating the need for a separate image for the Raspberry Pi 5.
This update also introduces Kali NetHunter CARsenal, a dedicated suite for automotive security analysis.
While it remains one of the best Linux distros for ethical hacking, some users may still prefer Linux alternatives that lean more toward security or integrate more seamlessly with network monitoring tools.
Via 9to5linux
You might also like
- Downloaded something dodgy? These are the best ransomware protection tools
- Nail the basics with the best firewalls available now
- Here’s the first test of the largest SSD, and an even bigger 246TB SSD may land by the end of 2025
