Skip to content

Instantly share code, notes, and snippets.

Karan Lyons karanlyons

Block or report user

Report or block karanlyons

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
karanlyons /
Last active May 1, 2020
pngen: Makes ECB PNGuins


Plaintext Penguin

Duplicate Plaintext Blocks:
	Total Blocks:                         358414
	Total Duplicates:                     349474
karanlyons / IA.json
Created Feb 6, 2020
Iowa Caucus 2020 JSON Results
View IA.json
This file has been truncated, but you can view the full file.
karanlyons /
Last active Aug 19, 2019
Burp Suite is for chumps.
#!/bin/env python3
import dataclasses
import re
import socket
import ssl as _ssl
import types
from collections import namedtuple, OrderedDict
from dataclasses import dataclass
from io import StringIO
from itertools import chain
karanlyons / lazyString.ts
Last active Aug 7, 2019
Procrastinate till you evaluate.
View lazyString.ts
export type StringReturningFunction = (...args: any[]) => string;
interface LazyString extends String {}
interface LazyStringConstructor {
new <F extends StringReturningFunction>(
func: F,
...args: Parameters<F>
): LazyString;
<F extends StringReturningFunction>(func: F, ...args: Parameters<F>): string;
karanlyons / format.ts
Last active Aug 6, 2019
Add translator friendly markup to translatable strings.
View format.ts
export type Formatters = { [k: string]: (s: string) => string };
export class FormatError extends Error {
public message: string,
public str: string,
public formatters: Formatters,
public tag: string
) {
View teamcity-poc-link.text
karanlyons / payloadPack.js
Last active Jul 26, 2019
Char wise, byte foolish.
View payloadPack.js
const pack = s =>
? s
.map(s => s.charCodeAt())
(pairs, c) =>
!c || pairs[pairs.length - 1].length === 2
? pairs.push(...(c? [[c]] : [[c], []]))
karanlyons / ZoomDaemon.yara
Last active May 16, 2020
Fixes for Zoom, RingCentral, Zhumu (and additional white labels) RCE vulnerabilities
View ZoomDaemon.yara
private rule Macho
description = "private rule to match Mach-O binaries (copied from Apple's XProtect)"
uint32(0) == 0xfeedface or uint32(0) == 0xcefaedfe or uint32(0) == 0xfeedfacf or uint32(0) == 0xcffaedfe or uint32(0) == 0xcafebabe or uint32(0) == 0xbebafeca
rule ZoomDaemon
View testcase.html
#left, #right, #test {
display: block;
z-index: 0;
#left {
float: left;
import os
from http.client import HTTPSConnection
from time import sleep
def request():
connection = HTTPSConnection('')
connection.request('GET', '/headers')
return connection.getresponse().read()
You can’t perform that action at this time.