Alec Maly | BitSpinner Avatar About me

>> My Public Projects <<

Social Media

The Elevator Pitch

Security Engineer + Researcher / Software Developer / Professional Search Engine/LLM End-User with a strong interest in security and design patterns at both the low-level code and high-level architectural scopes. I enjoy enabling people with technology and improving processes with automation. I’m also fond of performing ETL and data visualization to provide valuable, actionable insights that drive impactful decisions. With a desire for learning and expanding my knowledge, I love to develop and reverse software to make the world a better place. Let’s share ideas and information!

Myers-Briggs: I/E-NTP

Strengths Finder: Ideation, Adaptability, Learner, Connectedness, Input

🌱 I'm currently learning
Cloud Security | Azure
web3 | blockchain


Primary Interests

  • Application Security
  • Cloud Security | Azure
  • Tooling + Automation + POCs
  • Shellcoding + Exploit Development
  • Reverse Engineering
  • Fuzzing
  • Static + Dynamic Analysis
  • Computers + Problem Solving + Learning + Collaborating
  • Hands-On, Technical Roles

Certifications:

Alec Maly's certification: OSCP Alec Maly's certification: burp suite certified practitioner Alec Maly's certification: SLAE32 Alec Maly's certification: lean six-sigma yellowbelt

Bug Bounty Profiles:

code4rena bugcrowd hackerone

Microsoft Researcher Recognition Leaderboard

  • #251 - Microsoft 2023 MVR (Most Valuable Security Researcher)

My other public profiles:

pentesterlab pentesterlab pentesterlab hackthebox tryhackme blueteamlabs cyberseclabs

Open Source Contributions:


Languages, Tools, and Technologies I play with:

Primary Languages:

Additionally, I occasionally leverage:

Other software and applications I am familiar with:













Projects


This section is for projects which cannot be found elsewhere on my blog.

Blog posts with Proof Of Concepts: https://alecmaly.com/tag/POC

Hosted Sites / Services


Tools: Privacy

  • OpenVPN Server: Free, One-Click Deployment on Oracle Cloud (OCI) < (GitHub Repo) | (YouTube Video)

    Deploy a Free VPN in one click (copy/paste .sh script), it really is that easy.

    • Step 1: Navigate to https://cloud.oracle.com?cloudshell=true
    • Step 2: Run this command
        curl -s https://raw.githubusercontent.com/alecmaly/One-Click-Oracle-OCI-OpenVPN-Deployment/main/new_oci_openvpn_server.sh | /bin/bash -s -- openvpn 1 6
      

Tools: Hacking

  • Exploit Server POC < (GitHub Repo)
    • Quick POC for functionality similar to Portswigger’s Exploit Server (Thank you Portswigger for the idea!).
exploit-server-POC

Tools: Random

  • Discord MEE6 Power Leveling Bot (Python Script) < (GitHub Repo)

  • Moving Data: Power BI (TO DO: polish and release)

    • Data collection scripts + Power BI (.pbix) to analyze moving to different US states (e.g.: school data, FEMA natural disasters, allergy, etc.).

Chrome Extensions < (GitHub Repo)

A collection of some Chrome Extensions I have created to solve small problems.

  • SUID GTFOBins < (GitHub Repo)

    • (TO DO: Post YouTube Video)
    • Easily filter GTFO Bins for output from find / -perm /6000
  • Michigan Secretary of State Schedular < (YouTube Demo)

    • During the beginning of COVID, it was difficult to schedule a secretary of state appointment in Michigan - the website was not user friendly. This Chrome Extension helped find an appointment near the user quickly.
  • NC DMV Appointment Helper < (YouTube Demo) (Chrome Store: Install)

    • The North Carolina DMV Appointment website is difficult to use. This extension simplifies the experience of securing the best available appointment quickly.
  • Browser Extension Related Blog Posts