RAASNet – Open-Source Ransomware As A Service for Linux, MacOS and Windows

RAASNet Demo - Open-Source Ransomware As A Service for Linux, MacOS and Windows

Ransomware is most dangerous things on internet, they can infect any computers or servers. Many type of ransomware, this malware can be undetectable by antivirus and they can encrypt your data or spying on your machine. Because of that many big companies lost due to ransomware attack. But, how attacker build a ransoware and manage that. I will share with you an Open-Source Ransomeware to find out how hacker make and manage ransomware.


This was made to demonstrate ransomware and how easy it is to make. It works on Windows, Linux and MacOS. It’s recommended to compile payload.py to EXE to make it more portable.

I do work on security awareness trainings and test the IT security and safety for other companies and you guessed it; this was made for the demo section of my presentation, NOT TO EARN MONEY OR BRICK PEOPLES COMPUTERS.

This script does not get detected by any anti-virusses. Self made scripts go undetected 99% of the time. It’s easy to write something nasty like ransomware, adware, malware, you name it. Again, this script was for research only. Not ment to be used in the open world. I am not responsible for any damage you may cause with this knowledge.

I recommend a VPN that allows port forwarding (For example; PIA VPN) when using this outside your network, or better, a cloud computer hosted elsewhere, like Amazon AWS.

The conclusion of this project is that it is easy to brick a system and earn money doing it. This script doesn’t use any exploits to achieve its goal, but can easily be coded into it as a nice feature.

Visit jezsjxtthkqhlqoc.onion for a complete C&C.


  • Generate a ransomware payload
  • With or without GUI payload
  • FUD (Fully Undetectable by Anti-Virus)
  • Works on Windows, MacOS and Linux
  • Super fast encryption with PyCrypto
  • Compile to EXE, APP or Unix/Linux executable
  • Custom icon for your EXE payload
  • Receive keys of victims
  • Decrypt files
  • Demo mode (payload won’t encrypt anything)
  • Fullscreen mode (Warning takes over the screen)
  • Custom warning message for your victim
  • Custom image in your payload
  • Ghost mode (Rename by adding .DEMON extention instead of encrypting the files)
  • Multiple encryption methods
  • Select file extentions to target
  • Decide if payload should self-destruct (Console mode feature only)
  • Decide wich drive to target for encryption (working directory)
  • Verified server access through port forwarding VPN

Super Fast Encryption!

How to build FUD malware xploitlab


Download and install the latest version of Python 3.

Then do:

git clone https://github.com/leonv024/RAASNet.git

pip3 install -r requirements.txt

python3 RAASNet.py

On Linux, you might need to install these packages:

sudo apt install python3-tk python3-pil python3-pil.imagetk

Testing connection with remote server:

# Change the host and port in test_socket.py, default is on port 8989 python3 test_socket.py

Usage Demo



I am not responsible for any damage you might cause with this tool. Use at own risk and for testing and learning only! I made this to test AV’s and demo purposes only! Use this to avoid ransomware and make better tools against it because current AV tools and ransomware shields are not good enough!

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *

19 + one =