Thomas Roccia (fr0gger)
Senior Security Researcher at Microsoft
Administrator Founder Top Contributor

Thomas Roccia is a seasoned threat researcher. Currently, he serves as a Senior Security Researcher at Microsoft Threat Intelligence and operates SecurityBreak, an online platform for his project updates and research.

Contributed Techniques
Technique Name Technique ID's Snippet(s) Rules(s) OS
PyArmor U1435
Base64 U0706 E1027.m02
ConfuserEx U1417
hXOR Packer U1418
BobSoft Mini Delphi Packer U1428
INT 0x2D U0129 B0001.006
CloudEye/DarkEye U1426
CryptOne U1427
Trap Flag U0131
NLS Code Injection Through Registry U1237
Code Cave U0502
ICE 0xF1 U0130
Contributed Code Snippets
Technique Language OS Creation Date
Checking Memory Size C++ 1 year, 9 months
Detecting USB Drive C++ 1 year, 9 months
Connected Printer C++ 1 year, 9 months
Geofencing Python 1 year, 9 months
Image File Execution Options Injection C++ 1 year, 11 months
COM Hijacking C++ 1 year, 11 months
Checking Pipe C++ 2 years
Geofencing C++ 2 years
Hiding Mechanisms C++ 2 years
Malvertising JavaScript 2 years
Fast Flux Python 2 years
Domain Generation Algorithm Python 2 years
DNS Tunneling Python 2 years
DNS Hijacking Python 2 years
Tor Network C2 Python 2 years
Peer to peer C2 Python 2 years
C2 via Social Networks Python 2 years
ROL Python 2 years
Cryptography Python 2 years
Custom Encoding Python 2 years
XOR Operation C++ 2 years
XOR Operation Python 2 years
Kill Process C++ 4 years, 2 months
TLS Callback C++ 4 years, 2 months
Checking Malware Name C++ 4 years, 2 months
IsDebuggerPresent C++ 4 years, 3 months
OutputDebugString C++ 4 years, 3 months
Indicator Removal: Clear Windows Event Logs cmd 4 years, 3 months
Detecting Mac Address Golang 4 years, 3 months
Caesar Cipher Golang 4 years, 3 months
Base64 Golang 4 years, 3 months
Detecting Hostname, Username C++ 4 years, 3 months
Checking Screen Resolution C++ 4 years, 3 months
Detecting Virtual Environment Files C++ 4 years, 3 months
SMSW C++ 4 years, 3 months
Checking Hard Drive Size Python 4 years, 3 months
Detecting Virtual Environment Artefacts C++ 4 years, 3 months