Skip to content

Instantly share code, notes, and snippets.

Karan Lyons karanlyons

Block or report user

Report or block karanlyons

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
karanlyons /
Last active Aug 19, 2019
Burp Suite is for chumps.
#!/bin/env python3
import dataclasses
import re
import socket
import ssl as _ssl
import types
from collections import namedtuple, OrderedDict
from dataclasses import dataclass
from io import StringIO
from itertools import chain
karanlyons / lazyString.ts
Last active Aug 7, 2019
Procrastinate till you evaluate.
View lazyString.ts
export type StringReturningFunction = (...args: any[]) => string;
interface LazyString extends String {}
interface LazyStringConstructor {
new <F extends StringReturningFunction>(
func: F,
...args: Parameters<F>
): LazyString;
<F extends StringReturningFunction>(func: F, ...args: Parameters<F>): string;
karanlyons / format.ts
Last active Aug 6, 2019
Add translator friendly markup to translatable strings.
View format.ts
export type Formatters = { [k: string]: (s: string) => string };
export class FormatError extends Error {
public message: string,
public str: string,
public formatters: Formatters,
public tag: string
) {
karanlyons / payloadPack.js
Last active Jul 26, 2019
Char wise, byte foolish.
View payloadPack.js
const pack = s =>
? s
.map(s => s.charCodeAt())
(pairs, c) =>
!c || pairs[pairs.length - 1].length === 2
? pairs.push(...(c? [[c]] : [[c], []]))
karanlyons / ZoomDaemon.yara
Last active Oct 2, 2019
Fixes for Zoom, RingCentral, Zhumu (and additional white labels) RCE vulnerabilities
View ZoomDaemon.yara
private rule Macho
description = "private rule to match Mach-O binaries (copied from Apple's XProtect)"
uint32(0) == 0xfeedface or uint32(0) == 0xcefaedfe or uint32(0) == 0xfeedfacf or uint32(0) == 0xcffaedfe or uint32(0) == 0xcafebabe or uint32(0) == 0xbebafeca
rule ZoomDaemon
View testcase.html
#left, #right, #test {
display: block;
z-index: 0;
#left {
float: left;
import os
from http.client import HTTPSConnection
from time import sleep
def request():
connection = HTTPSConnection('')
connection.request('GET', '/headers')
return connection.getresponse().read()
karanlyons /
Created Sep 25, 2017
Headspace Challenge

Headspace Challenge


  • Python >=3.5 (compiled with sqlite3 support)
  • That’s it.
  • This may have been a bad idea.

Get Started

karanlyons / splatify.js
Created Aug 29, 2017
splatify.js: Add some venom to your coffee
View splatify.js
function splatify(func) {
args_string = func.toString().split('(')[1].split(')')[0].split(',').map(function(s) { return s.trim(); });
if (args_string.length && args_string[args_string.length - 1] === 'splat_args') {
pivot = args_string.length - 1;
return function () {
if (arguments.length > pivot + 1) {
args =, 0, pivot);
args.push(, pivot));
karanlyons /
Last active Jun 10, 2019
Why PRNGs are not the same as CSPRNGs
import z3
def sym_xoroshiro128plus(solver, sym_s0, sym_s1, mask, result):
s0 = sym_s0
s1 = sym_s1
sym_r = (sym_s0 + sym_s1)
condition = z3.Bool('c0x%0.16x' % result)
solver.add(z3.Implies(condition, (sym_r & mask) == result & mask))
You can’t perform that action at this time.