Kali Linux Unveils Two New Tools to Boost Wi-Fi Performance for Raspberry Pi Users

Kali Linux has announced the release of two groundbreaking packages that significantly enhance wireless penetration testing capabilities for Raspberry Pi users.

The new brcmfmac-nexmon-dkms and firmware-nexmon packages, introduced in Kali Linux 2025.1, enable the onboard Wi-Fi interface on supported Raspberry Pi models to perform monitor mode operations and frame injection without requiring external USB adapters.

This development represents a major advancement for cybersecurity professionals and ethical hackers who rely on portable penetration testing setups.

Previously, Raspberry Pi users conducting wireless security assessments faced significant limitations due to Broadcom/Cypress Wi-Fi chipsets that don’t support monitor mode or injection capabilities by default.

New Packages for Raspberry Pi

The breakthrough is made possible through integration with the Nexmon project, a C-based firmware patching framework developed by SEEMOO Lab at TU Darmstadt.

Nexmon works by modifying Broadcom’s closed firmware binaries and providing patches for the Linux driver (brcmfmac) to enable advanced wireless capabilities.

“The Nexmon project changed the game by offering a firmware patching framework that extends Broadcom’s closed firmware with additional capabilities notably monitor mode and injection,” explains the functionality that has long been technically possible but recently refined for better Kali integration.

The brcmfmac-nexmon-dkms package provides a DKMS-based version of the brcmfmac driver with Nexmon patches, while firmware-nexmon delivers Nexmon-patched firmware for supported Broadcom chips.

The DKMS implementation ensures the driver rebuilds against the kernel during installation, helping maintain compatibility across system updates.

The new packages have been tested on multiple Raspberry Pi models, including the Raspberry Pi 5 (64-bit), Raspberry Pi 4 (both 64-bit and 32-bit), Raspberry Pi 3B (both architectures), Raspberry Pi Zero 2 W (43436s variant), and Raspberry Pi Zero W.

Installation is straightforward for users running Kali on Raspberry Pi systems:

text$ sudo apt update
$ sudo apt full-upgrade -y
$ sudo apt install -y brcmfmac-nexmon-dkms firmware-nexmon
$ sudo reboot

Kali’s integration of Nexmon has evolved considerably over time. The development team previously operated on the 5.15 kernel series for an extended period due to packaging complexities and patchset management challenges.

Attempts to migrate to kernel 6.6 encountered stability issues, prompting developers to pause development until they could implement a more reliable approach.

The transition to the 6.12 kernel provided an opportunity to rebuild the integration properly, resulting in the current stable packages. This move also enables support for newer devices like the Raspberry Pi 5, which requires more recent kernel versions.

These packages eliminate a significant barrier for portable wireless assessments. Security professionals can now utilize tools like aircrack-ng, aireplay-ng, and other wireless penetration testing utilities directly with the Raspberry Pi’s built-in Wi-Fi interface.

This capability is particularly valuable for conducting wireless security audits, testing network encryption strength, and performing frame injection attacks for legitimate security research.

The development represents a collaborative effort between the Kali Linux team, the Nexmon project researchers at SEEMOO Lab, and community contributors who helped test and refine the packages.

This enhancement continues Kali Linux’s commitment to providing cutting-edge tools for cybersecurity professionals while expanding the capabilities of affordable, portable penetration testing platforms.

For users interested in testing these new capabilities, detailed documentation and troubleshooting guidance are available through the Kali Linux forums and Discord community channels.

Boost detection, reduce alert fatigue, accelerate response; all with an interactive sandbox built for security teams -> Try ANY.RUN Now