Thomas Roccia

1.4K Followers


Published in SecurityBreak

·Pinned

Fifty Shades of Malware Strings

When analysing malware, string extraction is one of the first things to do to quickly extract useful information such as IP addresses, domains, functions, data, or any other information that has not been removed by the developer. A string is a sequence of characters; it can be a constant or…

Cybersecurity

9 min read



Published in SecurityBreak

·Pinned

Fifty Shades of Malware Hashing

In forensic investigation as well as malware research, hashing is one of the most prevalent techniques to identify a file as malicious or not. Hashing is a mathematical process that calculates a unique fingerprint for a given input. In the past, hashing was even used in early anti-malware engines to…

Security

7 min read



Published in SecurityBreak

·Pinned

Security Infographics

I often do infographics to share security concepts or best practices. This page will list the different files. I will update it periodically so stay tuned by following me on Twitter or Medium. If you like these infographics, you can support me on BuyMeACoffee. Thanks! :) Consider becoming a Medium…

Threat Intelligence

3 min read



Published in SecurityBreak

·Dec 30, 2022

Investigation of a targeted attack in the CryptoCurrency industry

I investigated a campaign targeting the cryptocurrency industry. I wrote a detailed report that includes TTP, IOC and more. This thread was originally posted on Twitter and saved here!

Linked article: "DEV-0139 launches targeted attacks against the cryptocurrency industry" - Microsoft Security Blog (www.microsoft.com). Over the past several years, the cryptocurrency market has considerably expanded, gaining the interest of investors and…

Cryptocurrency

4 min read



Published in SecurityBreak

·Dec 29, 2022

My Jupyter Collection

I work with Jupyter notebooks on a daily basis for analysis, threat intelligence and creating workflows! I created a GitHub page to share some of them! I update it periodically! This thread was originally posted on Twitter and saved here! 🤓

Jupyter Notebook

3 min read



Published in SecurityBreak

·Dec 29, 2022

Highlights from 2022

A Look Back at My Cybersecurity Highlights from 2022 — Hello Friend!👋 As we near the end of 2022, I wanted to reach out and provide a recap of the year. It has been a busy and eventful year for me, both personally and professionally. I have been sharing a lot of content on topics such as malware analysis, threat intelligence, and…

Cybersecurity

5 min read



Published in SecurityBreak

·Dec 27, 2022

Dhash Icon

Identify similar icons used in malware — On VirusTotal there is an interesting feature to look for malware similarities: “main_icon_dhash”. Dhash is a visual hash that can be used to identify similar images. It differs from other hash algorithms because it does not require an exact match to find similar images. …

Malware

2 min read



Published in SecurityBreak

·Dec 21, 2022

Code Graphology

How to study an exploit to discover more? — This year I presented at @ComfyConAU about code graphology and how it can be used for exploit hunting! Here is an overview on what was discussed and how you can apply code graphology in your research! This thread was originally posted on Twitter and saved here! 🤓 Graphology is…

Cybersecurity

4 min read



Published in SecurityBreak

·Dec 18, 2022

6 Useful Infographics for Threat Intelligence

Visualizing Cybersecurity concepts can be a terrific way to learn more about specific tools, methodologies, and techniques! Here is a post that shows six useful infographics on threat intelligence and related topics! This thread was originally posted on Twitter and saved here! 🤓 1 — Practical Threat Intel 2 — Tactics, Techniques and Procedures TTP is an important concept to understand…

Cybersecurity

3 min read



Published in SecurityBreak

·Dec 17, 2022

10 Underrated Resources about Malware Techniques

This is a list of various resources to learn more about malware techniques, how to analyse them and how to improve your detection! This thread was originally posted on Twitter and saved here! 🤓 #1: The Unprotect Project Of course, I couldn’t start this thread without talking about this project we started in 2015…

Malware Analysis

4 min read



Security Researcher
