What's The Correct Approach in Using a Worm for Pentesting?

Hello, I’m Vlad, a student majoring in Network Engineering. I’m currently in my last semester and, as a requirement to graduate, I need to make a networking device that combines an embedded system with network security features, so I decided to make a secure Raspberry Pi router that is supposedly able to block worms from an unsecure network. The router is pretty much a modification of this YouTube tutorial I found:

Raspberry Pi Router Tutorial

The router works as an added protection between the user’s end device and an unsecure network. It has an OpenVPN service to encrypt the network, and I’ve installed ClamAV on the router to hopefully help with stopping the worm from infecting client devices behind its network.

Right now I want to test this router against a worm attack, but the problem is, I’m very new to penetration testing and having trouble finding a correct approach. Currently, I’m planning on using two virtual machines running Windows 10, where one VM (infected with a worm) is connected directly to my home router, and the other is connected to the Raspberry Pi router (the Pi router will be connected to my home router as well before being connected to a VM). Hopefully, the worm will not spread to the client that is connected behind the Raspberry Pi router. Although, I have a concern that the worm may spread and infect the host machine instead and brick my computer or something, because it is running Windows 10 as well.

I’m looking for any suggestions on the right approach to this matter, like how I should conduct the test, what kind of worm I should use, etc. Any suggestion will be highly appreciated. Thank you in advance.