Vagrant files, *.box, are pre-configured Virtual Machines (VM) VM images, which when imported into HashiCorp’s Vagrant, allow for VMs to be interacted with via the command line. You create, start, interact, stop, destroy VMs all without leaving the terminal. Think containers (Docker/Podman), but for VMs. --- Previously we have been using HashiCorp’s Packer to generate our HashiCorp’s Vagrant images. Packer is a wrapper, around whatever hypervisor you wish, and it will automate installing the OS (unattended setup via preseeding), run any commands or scripts, export the VM and finally compress it. The down-side to Packer is that you need to have the chosen hypervisor installed on the host OS, you can’t cross-build. If you use Linux, you can’t build Window’s Hyper-V. --- For a few years now , we have been using DebOS, to automate building our VMs. This has been working great for us. Recently we realized: “Why do we have two different systems, for the same purpose?”. A little bit of digging into “how to make a vagrant base box VM” boils down to just a few requirements: * Fix username (vagrant) * Fix/Known pubic SSH keys (default/standard insecure keypairs) * Able to perform superuser actions (sudo) Simple really, just need to make sure that Vagrant can easy access the VM! Optional items (and recommended), as it helps benefits user’s rather than Vagrant: * Known/Fix credentials (vagrant everywhere) * SSH tweaks (speed up for airgap networks) All of this can be handled in a post-install step, which we have put into our Kali-VM build-script. --- Now, we are building all of our VMs, automatically, in the same matter (Stock and Vagrant), all in the same infrastructure setup (Linux!). --- Since Microsoft Windows 10 1607 / Server 2016, when exporting VMs, there would be 3 additional “binary” files, *.vmcx/*.vmrs included as well as an *.xml. As we were no longer exporting the VM from Hyper-V, but generating it outside of, we do not have these files. Now, we could create a “template” binary which would act as a dummy marker. But this didn’t sit right with us, we didn’t want to include items, especially binary files. --- Out of the box, Vagrant expected those binary files and failed without them. However a merge request later to upstream, and support has been added. As a result, trying to use Kali 2025.2 or higher on Windows using Hyper-V, using vagrant older than v2.4.7 will NOT work. You need to use either an older Kali, different hypervisor, manually patch or to upgrade Vagrant to be v2.4.8 (released 2025-08-05) or higher. --- As Packer is no longer generating our Vagrant VMs, we renamed the git repository (gitlab.com/kalilinux/build-scripts/kali-vagrant -> gitlab.com/kalilinux/build-scripts/kali-packer). Finally, before sunsetting our Packer build-scripts, we did a refresh of these build-scripts one more time. We might not be using it, but that doesn’t mean you can’t. --- Demo After getting Vagrant and VirtualBox installed: $ vagrant box add kalilinux/rolling ==> box: Loading metadata for box 'kalilinux/rolling' box: URL: https://vagrantcloud.com/api/v2/vagrant/kalilinux/rolling This box can work with multiple providers! The providers that it can work with are listed below. Please review the list and choose the provider you will be working with. 1) hyperv 2) libvirt 3) virtualbox 4) vmware_desktop Enter your choice: 3 ==> box: Adding box 'kalilinux/rolling' (v2025.2.1) for provider: virtualbox (amd64) box: Downloading: https://vagrantcloud.com/kalilinux/boxes/rolling/versions/2025.2.1/providers/virtualbox/amd64/vagrant.box box: Calculating and comparing box checksum... ==> box: Successfully added box 'kalilinux/rolling' (v2025.2.1) for 'virtualbox (amd64)'! $ $ vagrant box list kalilinux/rolling (virtualbox, 2025.2.1, (amd64)) $ $ mkdir -pv vagrant-demo/; cd vagrant-demo/ mkdir: created directory 'vagrant-demo/' $ $ vagrant init --force --minimal kalilinux/rolling [...] $ $ cat Vagrantfile # -*- mode: ruby -*- # vi: set ft=ruby : Vagrant.configure("2") do |config| config.vm.box = "kalilinux/rolling" end $ $ vagrant up --provider virtualbox Bringing machine 'default' up with 'virtualbox' provider... ==> default: Importing base box 'kalilinux/rolling'... ==> default: Generating MAC address for NAT networking... ==> default: Checking if box 'kalilinux/rolling' version '2025.2.1' is up to date... ==> default: Setting the name of the VM: vagrant-demo_default_1753960552589_87147 Vagrant is currently configured to create VirtualBox synced folders with the `SharedFoldersEnableSymlinksCreate` option enabled. If the Vagrant guest is not trusted, you may want to disable this option. For more information on this option, please refer to the VirtualBox manual: https://www.virtualbox.org/manual/ch04.html#sharedfolders This option can be disabled globally with an environment variable: VAGRANT_DISABLE_VBOXSYMLINKCREATE=1 or on a per folder basis within the Vagrantfile: config.vm.synced_folder '/host/path', '/guest/path', SharedFoldersEnableSymlinksCreate: false ==> default: Clearing any previously set network interfaces... ==> default: Preparing network interfaces based on configuration... default: Adapter 1: nat ==> default: Forwarding ports... default: 22 (guest) => 2222 (host) (adapter 1) ==> default: Running 'pre-boot' VM customizations... ==> default: Booting VM... ==> default: Waiting for machine to boot. This may take a few minutes... default: SSH address: 127.0.0.1:2222 default: SSH username: vagrant default: SSH auth method: private key default: Warning: Connection reset. Retrying... default: Warning: Remote connection disconnect. Retrying... default: Warning: Connection reset. Retrying... default: Warning: Remote connection disconnect. Retrying... default: default: Vagrant insecure key detected. Vagrant will automatically replace default: this with a newly generated keypair for better security. default: default: Inserting generated public key within guest... default: Removing insecure key from the guest if it's present... default: Key inserted! Disconnecting and reconnecting using new SSH key... ==> default: Machine booted and ready! ==> default: Checking for guest additions in VM... default: The guest additions on this VM do not match the installed version of default: VirtualBox! In most cases this is fine, but in rare cases it can default: prevent things such as shared folders from working properly. If you see default: shared folder errors, please make sure the guest additions within the default: virtual machine match the version of VirtualBox you have installed on default: your host and reload your VM. default: default: Guest Additions Version: 7.0.20 default: VirtualBox Version: 7.1 ==> default: Mounting shared folders... default: /tmp/vagrant-demo => /vagrant $ $ vagrant ssh Linux kali 6.12.25-amd64 #1 SMP PREEMPT_DYNAMIC Kali 6.12.25-1kali1 (2025-04-30) x86_64 The programs included with the Kali GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. ┌──(vagrant㉿kali)-[~] └─$ Cheat-Sheet vagrant box add kalilinux/rolling --force --clean --provider virtualbox --box-version 2025.2.1 mkdir -pv kali-vagrant/ && cd $_ vagrant init kalilinux/rolling --force --minimal --output - --box-version 2025.2.1 | tee Vagrantfile vagrant up --provider virtualbox vagrant ssh More Reading * Kali inside Vagrant (Guest VM) * Customizing a Kali Vagrant Vagrantfile * kali-packer/README.vagrant.md * kali-packer/README.packer.md * Build Script: kali-packer * Build Script: kali-vm

If you’re an Apple user, you may have heard of Apple’s upcoming feature Containerization during WWDC 2025. Quick summary: * Container is a CLI tool, which works with Containerization. This is what end-users interact with. * Containerization handles creating the containers, that talks to Virtualization.framework. * Virtualization.framework is the hypervisor API (high level), and creates a new VM per container via Hypervisor.framework. * Hypervisor.framework is the low level hypervisor API, which uses the macOS kernel (the hypervisor). It is similar to Microsoft’s Windows Subsystem for Linux 2 (WSL), where a very small lightweight virtual machine (VM) is launched in the background, so a Linux kernel can be used on a non Linux host (WSL2 uses Hyper-V). Not to be confused with WSL1, which was more like WINE! Its set to be publicly released for the next major OS release, macOS “Tahoe” 26, and also for macOS “Sequoia” 15 . Containerization supports containers which are “Open Container Initiative (OCI) compliant”, luckily our Kali image are! Setup If the first thing we see when trying to run container is: ~ % container zsh: command not found: container ~ % …We need to install it. --- Doing a quick check to make sure our system is supported: ~ % sw_vers -productVersion 15.5 ~ % ~ % uname -m arm64 ~ % We are using macOS 15.5, on an Apple Silicon series device (aka arm64). We are good to go! --- If Homebrew is installed: ~ % brew install --cask container ==> Downloading https://github.com/apple/container/releases/download/0.2.0/container-0.2.0-installer-signed.pkg ==> Downloading from https://release-assets.githubusercontent.com/github-production-release-asset/993475914/c5fb6a42-f282-4dd7-95c2-af9b142f0ed1?sp=r&sv=2018-11-09&sr=b&spr=https&se=2025-07-17T14%3A06%3A32Z&r ######################################################################################################################################################################################################### 100.0% ==> Installing Cask container ==> Running installer for container with sudo; the password may be necessary. Password: installer: Package name is container-0.2.0-installer-signed installer: Upgrading at base path / installer: The upgrade was successful. 🍺 container was successfully installed! ~ % Otherwise, we can manually grab the (signed) setup file from github.com/apple/container. At the time of writing its container-0.2.0-installer-signed.pkg. --- Now when we try and run it: ~ % container OVERVIEW: A container platform for macOS USAGE: container [--debug] OPTIONS: --debug Enable debug output [environment: CONTAINER_DEBUG] --version Show the version. -h, --help Show help information. CONTAINER SUBCOMMANDS: create Create a new container delete, rm Delete one or more containers exec Run a new command in a running container inspect Display information about one or more containers kill Kill one or more running containers list, ls List containers logs Fetch container stdio or boot logs run Run a container start Start a container stop Stop one or more running containers IMAGE SUBCOMMANDS: build Build an image from a Dockerfile images, image, i Manage images registry, r Manage registry configurations OTHER SUBCOMMANDS: builder Manage an image builder instance system, s Manage system components ~ % …but we are not fully yet there! --- When we use container to try and interact with Containerization, we may get: ~ % container ls Error: interrupted: "internalError: "failed to list containers" (cause: "interrupted: "XPC connection error: Connection invalid"") Ensure container system service has been started with `container system start`." ~ % We can address this by starting up the service in the background: ~ % container system start Verifying apiserver is running... Installing base container filesystem... No default kernel configured. Install the recommended default kernel from [https://github.com/kata-containers/kata-containers/releases/download/3.17.0/kata-static-3.17.0-arm64.tar.xz]? [Y/n]: y Installing kernel... ~ % Now we are off to the races! Running Containers Like Docker, and Podman, we can run our containers as we would expect: ~ % container run --rm -i -t kalilinux/kali-rolling ┌──(root㉿9ff4685f-76e1-42fa-86ba-f12e76c79843)-[/] └─# id uid=0(root) gid=0(root) groups=0(root) The first time running, container will need to pull down the container image. The default container registry is currently DockerHub (which Kali is on). --- We are able to-do the same features as Docker/Podman as you would expect, such as sharing a directory : ~ % container run --remove --interactive --tty --volume $(pwd):/mnt --workdir /mnt docker.io/kalilinux/kali-rolling:latest ┌──(root㉿4be77ff5-bd57-4076-8bf0-8e51caff047e)-[/mnt] └─# uname -a Linux 4be77ff5-bd57-4076-8bf0-8e51caff047e 6.12.28 #1 SMP Tue May 20 15:19:05 UTC 2025 aarch64 GNU/Linux Alias Once everything is working as expected, we can create a quick alias to avoid retyping the full command each time: ~ % alias container-shell='container run --remove --interactive --tty --entrypoint=/bin/bash --volume $(pwd):/mnt --name "$(hostname -s)-$(mktemp -u XXXXXX)" --workdir /mnt' ~ % ~ % echo "alias container-shell='container run --remove --interactive --tty --entrypoint=/bin/bash --volume $(pwd):/mnt --name "$(hostname -s)-$(mktemp -u XXXXXX)" --workdir /mnt'" >> ~/.zshrc ~ % ~ % container-shell kalilinux/kali-rolling:latest ┌──(root㉿mba22-vB9af6)-[/mnt] └─# Troubleshooting Currently there are a few known limitations of Containerization, especially using macOS “Sequoia” 15, such as container’s network access not getting an IP address or no network access. We recommend reading and following Apple’s advice if you run into these issues. --- And just like that, we have a quick way to run Kali containers on macOS. This is part of our ongoing commitment of “Kali Everywhere”, where we put the tools you need in as many places as possible and easy for you to make use of. There are many different ways to run Kali, be sure to check out our get Kali page to find the one that best fits your needs.

Thanks to Nexmon and fresh Kali packages, onboard wireless is ready for monitor mode and injection (again!). Kali Linux users on Raspberry Pi now have an improved and more integrated way to use the onboard Wi-Fi interface for wireless assessments. While the Nexmon project has long made this technically possible, our support in Kali has recently been refined. In Kali 2025.1, with the move to a newer Raspberry Pi kernel and a chance to revisit our packaging, we have cleaned up and formalized support for Nexmon through new packages. This not only improves the setup experience and adds support for more devices, including the Raspberry Pi 5, but also makes it easier to enable other hardware supported by Nexmon within Kali. Where We Started The Raspberry Pi has always been a compelling platform for portable Kali setups. But when it came to wireless assessments, things were less ideal. Raspberry Pi models use Broadcom/Cypress Wi-Fi chipsets, which don’t support monitor mode or injection by default. That left users needing an external USB adapter. The Nexmon project, created by SEEMOO Lab at TU Darmstadt, changed that by offering a firmware patching framework that extends Broadcom’s closed firmware with additional capabilities — notably, monitor mode and injection. Nexmon works by modifying the firmware binaries themselves and providing patches for the Linux driver (brcmfmac) to support the required modes. Kali’s integration of Nexmon has come a long way, though it hasn’t always been smooth. We were on the 5.15 kernel series for quite some time, in part due to how we were packaging the kernel and managing patchsets. This made it difficult to support newer devices like the Raspberry Pi 5, which requires a more recent kernel. When we attempted to move to 6.6, we encountered stability issues. These were not caused by Nexmon itself, but by changes in the kernel and how they interacted with our setup. Rather than ship something unreliable, we decided to pause development until we could revisit the approach. What’s New With the switch to the 6.12 kernel, we’ve taken the time to rebuild things properly. We’ve released two new packages: * brcmfmac-nexmon-dkms: A DKMS-based version of the brcmfmac driver with Nexmon patches * firmware-nexmon: Nexmon-patched firmware for supported Broadcom chips These packages make it possible to use the onboard Wi-Fi interface on supported Raspberry Pi boards for monitor mode and frame injection, no USB adapter required! The DKMS driver rebuilds against your kernel on installation, which should help keep things working across updates. Supported Devices We’ve tested the new Nexmon-enabled packages on: * Raspberry Pi 5 (64-bit) * Raspberry Pi 4 (64-bit and 32-bit) * Raspberry Pi 3B (64-bit and 32-bit) * Raspberry Pi Zero 2 W (43436s variant) * Raspberry Pi Zero W If your board has a compatible Broadcom Wi-Fi chipset, it may work as well. If it does, let us know! Installing the Packages On a Raspberry Pi Kali image: $ sudo apt update $ sudo apt full-upgrade -y $ sudo apt install -y brcmfmac-nexmon-dkms firmware-nexmon $ sudo reboot --- Once the device is back up, you can check that the Nexmon-patched driver is in use with: $ modinfo brcmfmac | grep filename Using Monitor Mode $ airmon-ng start wlan0 --- In the command output you may see a message similar to: command failed: Unknown error 524 (-524) This is expected. Despite the message, monitor mode usually works. Confirm with: $ iw dev You should see an interface like wlan0mon in monitor mode. Verifying Injection Test injection with: $ sudo aireplay-ng --test wlan0mon You should see the Injection is working! message. This is not always stable however, and depends on device. Tips and Troubleshooting * Disable power management: sudo iwconfig wlan0 power off * Stop NetworkManager if needed: sudo systemctl stop NetworkManager * Confirm firmware loads: dmesg | grep brcmfmac * If you need to rebuild the driver, re-run: sudo dpkg-reconfigure brcmfmac-nexmon-dkms --- If upgrading on the Raspberry Pi 3B (64-bit), Wi-Fi may stop working due to the clm_blob. You can verify if this is the issue by running: $ dmesg | grep clm_blob If you see it failing to load the clm_blob, run sudo rm -v /lib/firmware/brcm/brcmfmac43430-sdio.raspberrypi,3-model-b.clm_blob and then reboot. Special Thanks We want to give a couple of shout outs to our friends in the community who helped make this possible: * @GeneErik for discussing the pain points of working with Nexmon at a distro level, and he said it would be great if we could use DKMS with the driver. Additionally, many long nights of discussions and troubleshooting. * @NurseJackass contributed the initial support for supporting the 6.12 kernel. * The Raspberry Pi Foundation for hardware donations, permissions, and assistance as needed. Reporting and Feedback If: * It works on your board (especially if unlisted), let us know! * It doesn’t work, report the issue with logs and hardware details! * You get it working on an unsupported board, share how! Report in the Kali Linux forums or the Kali Linux Discord server the #kali-arm channel is the best place for these discussions. Looking Ahead This is one of several improvements we’re making across Kali ARM. Nexmon support gives Raspberry Pi users more freedom and portability when doing wireless assessments, especially when minimal hardware is key. Thanks to the Nexmon team for their research and patches, and to the Kali community for helping us test and refine these packages. We look forward to hearing how this works for you.

We’re almost half way through 2025 already, and we’ve got a lot to share with you in this release, Kali 2025.2. The summary of the changelog since the 2025.1 release from March is: * Desktop Updates - Kali-Menu refresh, GNOME 48 & KDE 6.3 updates * BloodHound Community Edition - Major upgrade with full set of ingestors * Kali NetHunter Smartwatch Wi-Fi Injection - TicWatch Pro 3 now able to de-authenticate and capture WPA2 handshakes * Kali NetHunter CARsenal - Car hacking tool set! * New Tools - 13 new shinny tools added (and various updates) --- Desktop Updates Kali Menu Refresh We’ve completely reworked the Kali Menu! It’s now reorganized to follow the MITRE ATT&CK framework structure – which means that finding the right tool for your task should now be a lot more intuitive for red and blue teams alike. Previously the Kali menu structure followed what was in BackTrack… which followed WHAX before it. The previous structure was an in-house item, before MITRE was a thing. When our menu was first created, there wasn’t as much design planning done, which we suffered for later. It meant that over time, scaling and adding new tools became difficult for us. The knock on effect was that this made it harder for you, the end-users, to discover new tools as similar tools with overlapping functions were in different places or missing entries. Yes, seasoned professionals may not use the menu to start up items, using shortcuts such as super key and typing the tool name , or via a terminal window. We see the menu as a way to discover tools. The final nail in the coffin in the setup was the fact that it was manually managed. Yes, all those entries were previously created by-hand (which also may explain a few things). As a result, we had stopped adding new tools to the menu… until now. Now, we have created a new system and automated many aspects, making it easier for us to manage, and easier for you to discover items. Win win. Over time, we hope to start to add this to kali.org/tools/. Currently Kali Purple still follows NIST CSF (National Institute of Standards and Technology Critical Infrastructure Cybersecurity), rather than MITRE D3FEND. This is a big change, and we want your feedback! Think something should be renamed, moved, or see a tool that’s missing? Help us improve the menu by editing the structure directly — it’s all open and managed through a simple YAML file. GNOME 48 GNOME has been bumped up to version 48, and brings with it: * Notification Stacking * Performance Improvements * Dynamic triple buffering * Enhanced Image Viewer * Digital Wellbeing * Preserve Battery Health * HDR (High Dynamic Range) Support * Updated Text Editor As with previous GNOME updates in Kali, we’ve given all our themes a fresh coat of paint – everything’s been tuned to look sharp and feel smooth. The document reader evince has been replaced with the new papers app. If you’re rocking Kali with GNOME, this update is definitely worth the reboot. Want the full scoop? Check out the official GNOME 48 release notes. New GNOME VPN IP Extension Just like we did for Xfce back in Kali 2024.1, we’ve now brought the VPN IP indicator to GNOME too! It shows the IP address of your current VPN connection right in the panel — and with a simple click, it copies it straight to your clipboard. Handy, right? Huge thanks to @Sarthak Priyadarshi who not only came up with the idea, but also provided all of the coding to make it happen. Community contributions like this make Kali better for everyone! KDE Plasma 6.3 KDE Plasma fans, rejoice – we’ve included Plasma 6.3, and it’s packed with polish: * Huge overhaul of fractional scaling * Accurate screen colors when using the Night Light * More accurate CPU usage in system sonitor * Info Center provides more information, like GPUs data or batteries’ cycle counts * More customization features Whether you’re into tiling window madness or prefer a traditional desktop setup, Plasma 6.3 brings both flexibility and style. You can read more about all the new changes for Plasma desktop in their official release post. New Community Wallpapers There are also new changes in the Community Wallpapers package (pkg), including 2 new backgrounds provided by @Onix32032044 and 1 background provided by @Arszilla. To access these wallpapers, simply install the kali-community-wallpapers package, which also offers many other stunning backgrounds created by our community contributors. BloodHound Community Edition If you’re doing Active Directory recon, this upgrade is a game changer. BloodHound just got a major upgrade – we’ve bumped it up to the latest version: BloodHound Community Edition (CE). With this update, we’re also shipping the full set of ingestors to support it: * azurehound * bloodhound-ce-python * sharphound Heads up: bloodhound-ce-python is the ingestor made specifically for BloodHound CE. Don’t mix it up with the old bloodhound-python, which only work with the legacy version. So what’s new in BloodHound CE? Expect a smoother interface, better performance, and new capabilities for mapping complex Active Directory environments. You can check our guide about how to configure a new installation of Bloodhound-CE in Kali here. New Tools in Kali It would not be a Kali release if there were not any new tools added! A quick run down of what has been added (to the network repositories): * azurehound - BloodHound data collector for Microsoft Azure * binwalk3 - Firmware Analysis Tool * bloodhound-ce-python - Python based ingestor for BloodHound CE * bopscrk - Generate smart and powerful wordlists * chisel-common-binaries - Prebuilt binaries for chisel * crlfuzz - Fast tool to scan CRLF vulnerability written in Go (Submitted by @Arszilla) * donut-shellcode - Generates position-independent shellcode from memory and runs them * gitxray - Scan GitHub repositories and contributors to collect data (Submitted by @weirdlantern) * ldeep - In-depth LDAP enumeration utility * ligolo-ng-common-binaries - Prebuilt binaries for Advanced ligolo-ng * rubeus - Raw Kerberos interaction and abuses * sharphound - BloodHound CE collector * tinja - CLI tool for testing web pages for template injection There has also been numerous new libraries as well as packages updates as well, such as PowerShell and code-oss. Xclip pre-installed We’ve added xclip by default across all desktop environments in Kali. Why? Because being able to quickly send output to the clipboard from the terminal is incredibly useful — especially during reporting, note-taking, or sharing on-the-fly. Here are a few quick examples: ┌──(kali㉿kali)-[~/Downloads] └─$ ip a | grep inet | xclip -selection clipboard Boom — now your IP info is in your clipboard, ready to paste. Or maybe you’ve just cracked a hash and want to copy the flag: ┌──(kali㉿kali)-[~/Downloads] └─$ grep FLAG crackme.txt | xclip -sel c # Or pass it to the next command ┌──(kali㉿kali)-[~/Downloads] └─$ xclip -o -sel c | grep FLAG No more mouse highlighting or right-click gymnastics. Just pipe it to xclip and paste wherever you need. Small tool, big quality-of-life boost. Kali NetHunter Updates Smartwatch Wi-Fi Injection After 3 years, we are proud to introduce the first actual smartwatch that finally has wireless injection support! Thanks to the exceptional collaboration by @yesimxev and @Jakob Link from NexMon team. Countless emails, lost brain cells, but it was worth it. Now Kali NetHunter on the TicWatch Pro 3 (all variants with bcm43436b0 chipset) supports wireless injection, de-authentication, and able to capture WPA2 handshakes! Check out the install guide. --- CARsenal CAN Arsenal come with a new version by @V0lk3n. It is now renamed as CARsenal, to better match the goal which is to provide a car hacking tool set. Code got a lot of rewrite, and provide a more friendly UI. Also it come with new tools such as: * hlcand: Modified slcand for ELM327 use * VIN Info: Decode your VIN identifier * CaringCaribou: Actually provide Listener, Dump, Fuzzer, Send, UDS and XCP modules * ICSim: Provide a great simulator to play with VCAN and test CARsenal toolset without hardware needed Actual kernel with CAN support enabled: * Samsung Galaxy S9 (A13/exynos9810) * Samsung Galaxy S10 (A14 & A15/exynos9820) * (NEW!) Realme C15 (A10) * (NEW!) Redmi Note 11 (A15) Its documentations and kernel configuration has been updated as well. --- Android Radio There’s another possibly first use case of Kali NetHunter KeX running on Android radio. A teaser to the upcoming Android Auto support… --- Kali NetHunter Kernels Kali NetHunter kernels updates: * (NEW!) Xiaomi Redmi 4/4X (A13) (by @MomboteQ) * (NEW!) Xiaomi Redmi Note 11 (A15) (by @Madara273) * Updated Realme C15 (A10) (by @Frostleaft07) * Updated Samsung Galaxy S10 (A14,A15/exynos9820) (by @V0lk3n) * Updated Samsung Galaxy S9 (A13/exynos9810) (by @V0lk3n) Kali ARM SBC Updates We will start off with some Raspberry Pi updates: * We have combined some of our Raspberry Pi images, so that Raspberry Pi 5 does not need its own separate image . It is now supported by our 64-bit image! This is reflected by the new name of the download link on get-kali. * Raspberry Pi devices have had their kernel upgraded to a 6.12 based kernel. This was made possible thanks to @Nurse Jackass who add support to the brcmfmac nexmon driver. * Additionally, the udev rule that used to allow you to run vgencmd without requiring root rights on Raspberry Pi devices was updated, so you no longer need elevated privileges to run it. Now onto some USB Armory MKII: * It also has had its kernel upgraded to a 6.12 based kernel. * The bootloader upgraded to 2025.04. PowerShell on the ARM images has been bumped from 7.1.3 to 7.5.1 Build-scripts: * Mirror replacement is fixed, so if you want to build a custom image pointing at a specific mirror, just follow the instructions in the README * Occasionally there would be a build failure with no output. This was tracked down to the limit_cpu function and has been fixed so we no longer swallow the error code when there is one, and pass it on so when a failure happens we can know why. Kali Website Updates * Kali Linux Community and Support * Meet The Kali Team Kali Documentation Our Kali documentation has had various updates to existing pages as well as new pages: * Adding Encrypted Persistence to a Kali Linux Live USB Drive (updated) * Adding Persistence to a Kali Linux Live USB Drive (updated) * Fixing PostgreSQL ‘collation version mismatch’ (new) * Installing NetHunter on the OnePlus 5T (new by @Güray Çakmak) * Installing NetHunter on the Xiaomi Mi A3 (new by @mr00k3) * Making a Kali Bootable USB Drive (Linux) (updated) * Making a Kali Bootable USB Drive (macOS/OS X) (updated) * NetHunter Wardriving (new by @Alex) * Official Kali Linux Sites (updated) * Raspberry Pi 1 (Original) (updated) * Raspberry Pi 2 v1.2 (updated) * Raspberry Pi 2 (updated) * Raspberry Pi 3 (updated) * Raspberry Pi 400 (updated) * Raspberry Pi 4 (updated) * Raspberry Pi 5 (updated) * Raspberry Pi Zero (updated) * Raspberry Pi Zero W (updated) * Raspberry Pi Zero 2 W (updated) * Verifying USB Write (new by @serval) * Where and How to Contribute to Kali (updated) Kali Blog Recap Since our last release, we did the following blog posts: * A New Kali Linux Archive Signing Key Kali Team Updates It’s also with a heavy heart to announce that both @elwood as well as @gamb1t have stepped down and are no longer part of the Kali team. We hope you join us in wishing them all the best with their adventures going forward. @elwood has been part of Kali before it was called Kali and @gamb1t joined the team back in 2019. Both of them were very active and well known in Kali’s history as well as community. Shubham Vishwakarma (@shubhamvis98) has been doing a lot of heavy lifting with Kali NetHunter Pro since the start and has now fully joined the team. @v0lk3n has now been active and passionate for a while, with his work and efforts into the project it makes sense for him to have joined the Kali NetHunter team. Please welcome @Aura, James Green (@greenjam94) and @Tristram as Kali’s Community Leaders! You will see them in various places, such as our real-time chat and forums. Come and say hi to them. Community Shout-Outs These are people from the public who have helped Kali and the team for the last release. We want to praise them for their work (we like to give credit where due!): * @Alex * @Arszilla * @chewbaqa * @Data 19C * @florent4014 * @Frostleaf * @Güray Çakmak * @Kimo Coder * @Kyle Olmstead * @Madara273 * @MomboteQ * @mr00k3 * @Nurse Jackass * @serval * @SkyW4r33x * @soffensive * @V0lk3n * @Volodymyr BOBER * @x Anyone can help out, anyone can get involved! The ROKFOSS initiative, by and for Korean users In South Korea, a group of users that go by the name of ROKFOSS have been very active lately. Over the last few months, they have helped to setup new Kali Linux mirrors, and we now have a total of 6 mirrors in this country thanks to their support. But the initiative goes further: they now provide a translation of the Kali Linux documentation in Korean, along with a chat instance. Big thanks for this initiative! New Kali Mirrors We added 2 new mirrors to the pool during this release cycle: * India: mirror.del2.albony.in, sponsored by Albony Network and thanks to Shrirang Kahale. * South Korea: mirror.hemino.net, thanks to “QuietSky”. If you have the disk space and bandwidth, we always welcome new mirrors. Miscellaneous Below are a few other things which have been updated in Kali, which we are calling out which do not have as much detail: * Community post: What I Learned About Kali Purple Hub, MALCOLM, and Autopilot at Black Hat Asia 2025 * Community post: [KDE] My first rice * Community post: Kali on Pi4 Cyberdeck - Triskel_mk1 * Community post: NetHunter C-deck * Kali is now on Bluesky, @kalilinux.bsky.social * Kali is now on PeerTube, [email protected] * We updated our preseed examples repos * These changes are all the public items, if you would like a peak behind the curtain to see other items we have been working on check out GitLab activity and milestones --- Get Kali Linux 2025.2 Fresh Images: So what are you waiting for? Go get Kali already! Seasoned Kali Linux users are already aware of this, but for those who are not, we also produce weekly builds that you can use. If you cannot wait for our next release and you want the latest packages (or bug fixes) when you download the image, you can just use the weekly image instead. This way you will have fewer updates to do. Just know that these are automated builds that we do, not QA like we do for our standard release images. But we gladly take bug reports about those images because we want any issues to be fixed before our next release! Existing Installs: If you already have an existing Kali Linux installation, remember you can always do a quick update: ┌──(kali㉿kali)-[~] └─$ echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee /etc/apt/sources.list [...] ┌──(kali㉿kali)-[~] └─$ sudo wget https://archive.kali.org/archive-keyring.gpg -O /usr/share/keyrings/kali-archive-keyring.gpg [...] ┌──(kali㉿kali)-[~] └─$ sudo apt update && sudo apt -y full-upgrade [...] ┌──(kali㉿kali)-[~] └─$ cp -vrbi /etc/skel/. ~/ [...] ┌──(kali㉿kali)-[~] └─$ [ -f /var/run/reboot-required ] && sudo reboot -f Do make sure your kali-archive-keyring has been updated. --- You should now be on Kali Linux 2025.2. We can do a quick check by doing: ┌──(kali㉿kali)-[~] └─$ grep VERSION /etc/os-release VERSION_ID="2025.2" VERSION="2025.2" VERSION_CODENAME=kali-rolling ┌──(kali㉿kali)-[~] └─$ uname -v #1 SMP PREEMPT_DYNAMIC Kali 6.12.25-1kali1 (2025-04-30) ┌──(kali㉿kali)-[~] └─$ uname -r 6.12.25-amd64 NOTE: The output of uname -r may be different depending on the system architecture. --- As always, should you come across any bugs in Kali, please submit a report on our bug tracker. We will never be able to fix what we do not know is broken! And Social networks are not bug trackers! --- Want to keep up-to-date easier? We’ve got you! * Blog? Use our RSS feed and newsletter * Download? We have a Torrent RSS feed * Socials? Bluesky, Facebook, Instagram, Mastodon & X