About me

>> My Public Projects <<

Social Media

The Elevator Pitch

Security Engineer + Researcher / Software Developer / Professional Search Engine/LLM End-User with a strong interest in security and design patterns at both the low-level code and high-level architectural scopes. I enjoy enabling people with technology and improving processes with automation. I’m also fond of performing ETL and data visualization to provide valuable, actionable insights that drive impactful decisions. With a desire for learning and expanding my knowledge, I love to develop and reverse software to make the world a better place. Let’s share ideas and information!

Myers-Briggs: I/E-NTP

Strengths Finder: Ideation, Adaptability, Learner, Connectedness, Input

🌱 I'm currently learning
Cloud Security | Azure
web3 | blockchain

Primary Interests

• Application Security
• Cloud Security | Azure
• Tooling + Automation + POCs
• Shellcoding + Exploit Development
• Reverse Engineering
• Fuzzing
• Static + Dynamic Analysis
• Computers + Problem Solving + Learning + Collaborating
• Hands-On, Technical Roles

Certifications:

Bug Bounty Profiles:

Microsoft Researcher Recognition Leaderboard

• #251 - Microsoft 2023 MVR (Most Valuable Security Researcher)

My other public profiles:

---

Languages, Tools, and Technologies I play with:

Primary Languages:

Additionally, I occasionally leverage:

Other software and applications I am familiar with:

Projects

This section is for projects which cannot be found elsewhere on my blog.

Blog posts with Proof Of Concepts: https://alecmaly.com/tag/POC

---

Hosted Sites / Services

• https://sharepoint-json-helper.alecmaly.com < (GitHub Repo) | (YouTube Demo / Tutorial)

  • A tool to assist in the creation of SharePoint List Formatting JSON (outdated, new features that this tool does not address have been added to SharePoint).

• https://random.alecmaly.com < (GitHub Repo)

  • Scrapes web pages for random tech categories, design patterns, tools, services, etc.
  • Purpose: Learn something new & solidify previous knowledge (be reminded of a knowledge you forgot about)

---

Tools: Privacy

• OpenVPN Server: Free, One-Click Deployment on Oracle Cloud (OCI) < (GitHub Repo) | (YouTube Video)

  Deploy a Free VPN in one click (copy/paste .sh script), it really is that easy.

  • Step 1: Navigate to https://cloud.oracle.com?cloudshell=true
  • Step 2: Run this command

      curl -s https://raw.githubusercontent.com/alecmaly/One-Click-Oracle-OCI-OpenVPN-Deployment/main/new_oci_openvpn_server.sh | /bin/bash -s -- openvpn 1 6
    

---

Tools: Hacking

• Exploit Server POC < (GitHub Repo)
  • Quick POC for functionality similar to Portswigger’s Exploit Server (Thank you Portswigger for the idea!).

---

Tools: Random

• Discord MEE6 Power Leveling Bot (Python Script) < (GitHub Repo)

• Moving Data: Power BI (TO DO: polish and release)

  • Data collection scripts + Power BI (.pbix) to analyze moving to different US states (e.g.: school data, FEMA natural disasters, allergy, etc.).

---

Chrome Extensions < (GitHub Repo)

A collection of some Chrome Extensions I have created to solve small problems.

• SUID GTFOBins < (GitHub Repo)

  • (TO DO: Post YouTube Video)
  • Easily filter GTFO Bins for output from find / -perm /6000

• Michigan Secretary of State Schedular < (YouTube Demo)

  • During the beginning of COVID, it was difficult to schedule a secretary of state appointment in Michigan - the website was not user friendly. This Chrome Extension helped find an appointment near the user quickly.