Jean-Pierre LESUEUR (DarkCoderSc)
Lead Developer / Malware Researcher / Microsoft MVP
Administrator Core Developer Top Contributor

I'm a Franco-British cybersecurity expert with over two decades of experience in the IT industry. My expertise lies in Malware Research, Reverse Engineering, and Penetration Testing, with a strong background in software development. In 2014, I founded PHROZEN to provide expert security services for professionals who need to protect their critical assets and infrastructure. In 2023, I was honored with the Microsoft Most Valuable Professional (MVP) award in recognition of my extensive work and contributions to Microsoft technologies. This award highlights my dedication to advancing and sharing knowledge in areas such as security, and development, and acknowledges the impact of my work within the Microsoft community.

Contributed Techniques
Technique Name Technique ID's Categories Snippet(s) Rules(s)
Indirect Memory Writing U0525
FuncIn U0132 U0221 U0308
SMB / Named Pipes U9011
Right-to-Left Override (RLO) Extension Spoofing U1010
C2 via FTP(S) U0910
Impair Defenses: Impair Command History Logging T1562.003
Code Cave U0502
Contributed Code Snippets
Technique Language OS Creation Date
Indirect Memory Writing Delphi Windows 7 months
System Binary Proxy Execution: Rundll32 Delphi Windows 1 year, 3 months
APC injection FASM32 Windows 1 year, 11 months
Reflective DLL injection Delphi Windows 2 years, 5 months
SMB / Named Pipes Delphi Windows 2 years, 8 months
SMB / Named Pipes C# Windows 2 years, 8 months
Right-to-Left Override (RLO) Extension Spoofing PowerShell Windows 2 years, 8 months
C2 via FTP(S) Delphi Windows 2 years, 10 months
C2 via FTP(S) C# Windows 2 years, 10 months
Shortcut Hiding Python Windows 3 years, 4 months
APC injection Delphi Windows 3 years, 7 months
APC injection Delphi Windows 3 years, 7 months
Indicator Removal: Timestomp C# Windows 3 years, 8 months
Process Hollowing, RunPE Delphi Windows 3 years, 10 months
ProcEnvInjection - Remote code injection by abusing process environment strings Delphi Windows 3 years, 10 months
DLL Injection via CreateRemoteThread and LoadLibrary Delphi Windows 3 years, 10 months
Checking Mouse Activity Delphi Windows 3 years, 10 months
Detecting Mac Address C# Windows 3 years, 10 months
NtQueryInformationProcess Delphi Windows 3 years, 10 months
NtQueryInformationProcess C# Windows 3 years, 10 months
File Melt C# Windows 3 years, 10 months
File Melt Delphi Windows 5 years, 2 months
Detecting Active Services Delphi Windows 5 years, 2 months
NTFS Files Attributes Delphi Windows 5 years, 5 months
Code Cave Python Windows 5 years, 5 months
NtQueryObject Delphi Windows 5 years, 6 months
NtSetInformationThread Delphi Windows 5 years, 7 months
IsDebuggerPresent Delphi Windows 5 years, 7 months
NtSetDebugFilterState Delphi Windows 5 years, 7 months
OutputDebugString Delphi Windows 5 years, 7 months
SuspendThread Delphi Windows 5 years, 7 months
Detecting Window with FindWindow API Delphi Windows 5 years, 7 months
Detecting Window with FindWindow API Python Windows 5 years, 8 months
IsDebugged Flag Delphi Windows 5 years, 8 months