ARPAN.

VENM

Cybersecurity
2025

Tech Stack

C/C++, Malware Research, Red Teaming, WinAPI

Role

Lead Developer

VENM (Versatile Encryption and Note-dropping Malware) is a native Windows ransomware payload generator built in C/C++. Designed strictly for ethical use in red team labs and malware research, it produces real ransomware payloads that perform AES-256 file encryption, drop customizable ransom notes, and establish persistence upon reboot.

Unlike simulation tools, VENM's modular architecture generates fully functional, offensive Windows executables that require no external dependencies (like Python) and are engineered to bypass Windows Defender and evade many EDRs.

Key features include a modular build system (separating encryption, file discovery, and persistence logic), optional network exfiltration stubs, and high-performance execution. It serves as a practical tool for demonstrating advanced persistent threats, testing EDR evasion techniques, and advancing malware behavior research.