Awesome Open Source
Awesome Open Source


Visit our Onion site for a complete C&C !

New Onion Domain:


license compatible status Security last commit Twitter

Buy Me A Coffee

Ransomware As A Service


The GeoIP lib doesn't work on Python 3.9, so use Python 3.7! (or remove that function from the server code).

We're currently testing other options for GeoIP lookups.

alt text alt text alt text alt text alt text

Super Fast Encryption!

alt text

Usage Demo

RAASNet demo

Please read

This project was made to demonstrate how easy ransomware are easy to make and how it work. The script works on Windows, Linux and MacOS. It is recommended to compile to EXE format to make it more portable.

I do work on security awareness trainings and test the IT security and safety for other companies and you guessed it; this was made for the demo section of my presentation, NOT TO EARN MONEY OR BRICK PEOPLES COMPUTERS.

This script does not get detected by any anti-virusses. Self made scripts go undetected 99% of the time. It's easy to write something nasty like ransomware, adware, malware, you name it. Again, this script was for research only. Not ment to be used in the open world. I am not responsible for any damage you may cause with this knowledge.

I recommend using a VPN that allows port forwarding (For example; PIA VPN) when using this outside your network, or better, a cloud computer hosted elsewhere, like Amazon AWS.

The conclusion of this project is that it is easy to brick a system and earn money doing it. This script doesn't use any exploits to achieve its goal, but can easily be coded into it as a nice feature.


  • Generate a ransomware payload
  • With or without GUI payload (SIDE NOTE: Use console payload (No GUI) if you execute it from a remote system or Terminal.)
  • FUD (Fully Undetectable by Anti-Virus)
  • Works on Windows, MacOS and Linux
  • Super fast encryption with PyCrypto
  • Compile to EXE, APP or Unix/Linux executable
  • Custom icon for your EXE payload
  • Receive keys of victims
  • Decrypt files
  • Demo mode (payload won't encrypt anything)
  • Fullscreen mode (Warning takes over the screen)
  • Custom warning message for your victim
  • Custom image in your payload
  • Ghost mode (Rename by adding .DEMON extention instead of encrypting the files)
  • Multiple encryption methods
  • Select file extentions to target
  • Decide if payload should self-destruct (Console mode feature only)
  • Decide wich drive to target for encryption (working directory)
  • Verified server access through port forwarding VPN
  • Encode payload as Morse code


Download and install the latest version of Python 3.

Then do:

git clone
pip3 install -r requirements.txt

On Linux, you might need to install these packages:

sudo apt install python3-tk python3-pil python3-pil.imagetk libgeoip1 libgeoip-dev geoip-bin

Testing connection with remote server:

# Change the host and port in, default is on port 8989


I am not responsible for any damage you might cause with this tool. Use at own risk and for testing and learning only! I made this to test AV's and demo purposes only! Use this to avoid ransomware and make better tools against it because current AV tools and ransomware shields are not good enough!

Related Awesome Lists
Top Programming Languages
Top Projects

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Python (793,618
Encryption (11,828
Vpn (3,890
Penetration Testing (3,044
Onion (973
Pentesting Tools (183
Ransomware Prevention (26
Raas (3