Thomas Roccia (fr0gger)
Senior Security Researcher at Microsoft

Thomas Roccia is a seasoned threat researcher. Currently, he serves as a Senior Security Researcher at Microsoft Threat Intelligence and operates SecurityBreak, an online platform for his project updates and research.

Contributed Techniques
Technique Name Technique ID's Snippet(s) Rules(s) OS
PyArmor U1435
Base64 U0706 E1027.m02
ConfuserEx U1417
hXOR Packer U1418
BobSoft Mini Delphi Packer U1428
INT 0x2D U0129 B0001.006
CloudEye/DarkEye U1426
CryptOne U1427
Trap Flag U0131
NLS Code Injection Through Registry U1237
Code Cave U0502
ICE 0xF1 U0130
Contributed Code Snippets
Technique Language OS Creation Date
Checking Memory Size C++ 1 year, 7 months
Detecting USB Drive C++ 1 year, 7 months
Connected Printer C++ 1 year, 7 months
Geofencing Python 1 year, 7 months
Image File Execution Options Injection C++ 1 year, 9 months
COM Hijacking C++ 1 year, 9 months
Checking Pipe C++ 1 year, 10 months
Geofencing C++ 1 year, 10 months
Hiding Mechanisms C++ 1 year, 10 months
Malvertising JavaScript 1 year, 10 months
Fast Flux Python 1 year, 10 months
Domain Generation Algorithm Python 1 year, 10 months
DNS Tunneling Python 1 year, 10 months
DNS Hijacking Python 1 year, 10 months
Tor Network C2 Python 1 year, 10 months
Peer to peer C2 Python 1 year, 10 months
C2 via Social Networks Python 1 year, 10 months
ROL Python 1 year, 10 months
Cryptography Python 1 year, 10 months
Custom Encoding Python 1 year, 10 months
XOR Operation C++ 1 year, 10 months
XOR Operation Python 1 year, 10 months
Kill Process C++ 4 years
TLS Callback C++ 4 years
Checking Malware Name C++ 4 years
IsDebuggerPresent C++ 4 years, 1 month
OutputDebugString C++ 4 years, 1 month
Indicator Removal: Clear Windows Event Logs cmd 4 years, 1 month
Detecting Mac Address Golang 4 years, 1 month
Caesar Cipher Golang 4 years, 1 month
Base64 Golang 4 years, 1 month
Detecting Hostname, Username C++ 4 years, 1 month
Checking Screen Resolution C++ 4 years, 1 month
Detecting Virtual Environment Files C++ 4 years, 1 month
SMSW C++ 4 years, 1 month
Checking Hard Drive Size Python 4 years, 1 month
Detecting Virtual Environment Artefacts C++ 4 years, 1 month