Thomas Roccia (fr0gger) Profile

Thomas Roccia (fr0gger)

Senior Security Researcher at Microsoft

Thomas Roccia is a seasoned threat researcher. Currently, he serves as a Senior Security Researcher at Microsoft Threat Intelligence and operates SecurityBreak, an online platform for his project updates and research.

Contributed Techniques

Technique Name	Technique ID's	Has Snippet(s)	Has Rules(s)
PyArmor	U1435
Base64	U0706 E1027.m02
ConfuserEx	U1417
hXOR Packer	U1418
BobSoft Mini Delphi Packer	U1428
INT 0x2D	U0129 B0001.006
CloudEye/DarkEye	U1426
CryptOne	U1427
Trap Flag	U0131
NLS Code Injection Through Registry	U1237
Code Cave	U0502
ICE 0xF1	U0130

Contributed Code Snippets

Technique	Language	Creation Date
Checking Memory Size	C++	1 year, 1 month
Detecting USB Drive	C++	1 year, 1 month
Connected Printer	C++	1 year, 1 month
Geofencing	Python	1 year, 1 month
Image File Execution Options Injection	C++	1 year, 3 months
COM Hijacking	C++	1 year, 4 months
Checking Pipe	C++	1 year, 4 months
Geofencing	C++	1 year, 4 months
Hiding Mechanisms	C++	1 year, 4 months
Malvertising	JavaScript	1 year, 4 months
Fast Flux	Python	1 year, 4 months
Domain Generation Algorithm	Python	1 year, 4 months
DNS Tunneling	Python	1 year, 4 months
DNS Hijacking	Python	1 year, 4 months
Tor Network C2	Python	1 year, 4 months
Peer to peer C2	Python	1 year, 4 months
C2 via Social Networks	Python	1 year, 4 months
ROL	Python	1 year, 4 months
Cryptography	Python	1 year, 4 months
Custom Encoding	Python	1 year, 4 months
XOR Operation	C++	1 year, 4 months
XOR Operation	Python	1 year, 4 months
Kill Process	C++	3 years, 7 months
TLS Callback	C++	3 years, 7 months
Checking Malware Name	C++	3 years, 7 months
IsDebuggerPresent	C++	3 years, 7 months
OutputDebugString	C++	3 years, 7 months
Indicator Removal: Clear Windows Event Logs	cmd	3 years, 7 months
Detecting Mac Address	Golang	3 years, 7 months
Caesar Cipher	Golang	3 years, 7 months
Base64	Golang	3 years, 7 months
Detecting Hostname, Username	C++	3 years, 7 months
Checking Screen Resolution	C++	3 years, 7 months
Detecting Virtual Environment Files	C++	3 years, 7 months
SMSW	C++	3 years, 7 months
Checking Hard Drive Size	Python	3 years, 8 months
Detecting Virtual Environment Artefacts	C++	3 years, 8 months