Thomas Roccia (fr0gger)
Senior Security Researcher at Microsoft
Administrator Founder Top Contributor

Thomas Roccia is a seasoned threat researcher. Currently, he serves as a Senior Security Researcher at Microsoft Threat Intelligence and operates SecurityBreak, an online platform for his project updates and research.

Contributed Techniques
Technique Name Technique ID's Snippet(s) Rules(s) OS
PyArmor U1435
Base64 U0706 E1027.m02
ConfuserEx U1417
hXOR Packer U1418
BobSoft Mini Delphi Packer U1428
INT 0x2D U0129 B0001.006
CloudEye/DarkEye U1426
CryptOne U1427
Trap Flag U0131
NLS Code Injection Through Registry U1237
Code Cave U0502
ICE 0xF1 U0130
Contributed Code Snippets
Technique Language OS Creation Date
Checking Memory Size C++ 1 year, 8 months
Detecting USB Drive C++ 1 year, 8 months
Connected Printer C++ 1 year, 8 months
Geofencing Python 1 year, 8 months
Image File Execution Options Injection C++ 1 year, 10 months
COM Hijacking C++ 1 year, 10 months
Checking Pipe C++ 1 year, 11 months
Geofencing C++ 1 year, 11 months
Hiding Mechanisms C++ 1 year, 11 months
Malvertising JavaScript 1 year, 11 months
Fast Flux Python 1 year, 11 months
Domain Generation Algorithm Python 1 year, 11 months
DNS Tunneling Python 1 year, 11 months
DNS Hijacking Python 1 year, 11 months
Tor Network C2 Python 1 year, 11 months
Peer to peer C2 Python 1 year, 11 months
C2 via Social Networks Python 1 year, 11 months
ROL Python 1 year, 11 months
Cryptography Python 1 year, 11 months
Custom Encoding Python 1 year, 11 months
XOR Operation C++ 1 year, 11 months
XOR Operation Python 1 year, 11 months
Kill Process C++ 4 years, 1 month
TLS Callback C++ 4 years, 1 month
Checking Malware Name C++ 4 years, 1 month
IsDebuggerPresent C++ 4 years, 2 months
OutputDebugString C++ 4 years, 2 months
Indicator Removal: Clear Windows Event Logs cmd 4 years, 2 months
Detecting Mac Address Golang 4 years, 2 months
Caesar Cipher Golang 4 years, 2 months
Base64 Golang 4 years, 2 months
Detecting Hostname, Username C++ 4 years, 2 months
Checking Screen Resolution C++ 4 years, 2 months
Detecting Virtual Environment Files C++ 4 years, 2 months
SMSW C++ 4 years, 2 months
Checking Hard Drive Size Python 4 years, 2 months
Detecting Virtual Environment Artefacts C++ 4 years, 2 months