I often do infographics to share security concepts or best practices. This page will list the different files. I will update it periodically so stay tuned by following me on Twitter or Medium.

If you like these infographics and would like to have a printed version for your office or…


The past weeks have been very busy with the critical vulnerability PrintNigthmare and the REvil attack which breached Kaseya MSP. A lot of content have already been published and discussed. In this Security Highlight expect content not related to these two, but information that you may have missed.

Here is…


Already summertime and I know that some of you are experiencing hot weather in some parts of the planet! Here is Security Highlight number 3: your fresh news condensed to stay up to date in just 3 minutes! Enjoy reading!

If you want to stay up to date on future…


Last week I launched this newsletter and wanted to thank you all for your wonderful feedback. In this second Security Highlight, we’ll talk about recent breaches and technical analyzes. Feel free to send me your feedback or suggestion on Twitter. Good reading!

If you want to stay up to date…


It’s been a while since I wanted to create a kind of newsletter with security news that I find interesting. The aim is to provide summaries of the 10 interesting topics of the week. …


Run-time type information (RTTI) is a feature of C++ that allows the determination of an object data type at runtime (runtime, or execution time is the final phase of a computer program’s life cycle, in which the code is being executed on the computer’s central processing unit (CPU) as machine…


Name mangling is a mechanism used by compilers to add additional characters to functions with the same name (function overloading). The goal of name mangling is to avoid any confusion when executing the program and calling a function that may have the same name as another one.

To understand better…


Deobfuscation is an important part of malware analysis. Many malware currently uses obfuscation to hide from analysts but also to avoid detection. We keep track of some of these techniques in the Unprotect Project.

In this short tip, we will discuss the cool tool from Fireeye: Floss. …


Binary diffing is a great way to visualize and spot differences and similarities in multiple binaries. As a malware researcher, this is useful for identifying similarity with another malware family, but also for identifying code changes between multiple variants of the same malware. …


One of the greatest features of IDA is the ability to use Python directly in the interface to manipulate the disassembly code. IDAPython is basically a way to interact with the IDC scripting. It can be used to automate certain tasks such as deobfuscation or coloring of code. …

Thomas Roccia

Security Researcher

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store