Code

Luxer One is a Python API client for the Luxer One Residential package management system. The library provides programmatic access to check package delivery status, retrieve pending packages, and interact with smart locker systems commonly found in apartment complexes and residential buildings. The client handles authentication with the Luxer One API and includes example code demonstrating basic operations such as logging in and querying package information. This enables automated monitoring and management of package deliveries through the Luxer One platform.

Extsort is a Go library that implements external sorting algorithms for datasets larger than available memory. The library manages temporary files and memory buffers to sort data that cannot fit entirely in RAM. The implementation uses merge sort with configurable buffer sizes and temporary file management. It provides a standard Go interface for sorting operations while automatically handling the complexity of disk-based intermediate storage and merging phases.

Allxfr performs DNS zone transfers (AXFR) against nameservers to retrieve complete zone files. The tool systematically attempts zone transfers against root zone servers and other configured nameservers to discover available zone data. The program supports both IPv4 and IPv6 connections and includes options for parallel transfers, dry-run operations, and zone file storage. It implements the DNS AXFR protocol to request complete zone transfers from authoritative nameservers that permit such operations.

Minimalin Watch Face is a minimalistic Wear OS watch face featuring clean typography and Material Design aesthetics. The watch face displays time with customizable complications and supports ambient mode for always-on displays with reduced power consumption. Inspired by the original Pebble Minimalin watch face, this Wear OS implementation includes configurable color themes, center complications for additional information display, and optimized rendering for various screen sizes and densities across different smartwatch models.

M365 Toolbox demonstrates a security vulnerability in the Xiaomi M365 electric scooter’s communication protocol. The Java application exploits weaknesses in the scooter’s Bluetooth Low Energy (BLE) authentication mechanism to bypass security controls and execute unauthorized commands. The proof-of-concept tool reveals how the scooter’s authentication can be circumvented through protocol manipulation, allowing remote control access without proper authorization. This research highlighted critical security flaws in IoT device communication protocols commonly found in consumer transportation devices.

A Go library and SOCKS5 proxy server that enables egress traffic from multiple IP addresses within a subnet. Stargate randomly distributes network connections across different IP addresses to avoid rate-limiting and provide load balancing across available IP ranges. The tool works best with subnets directly routed to the host and is particularly powerful for IPv6 subnet utilization. It supports both TCP CONNECT and UDP ASSOCIATE protocols and provides both a standalone proxy tool and a Go library for programmatic random IP networking. Requires specific network routing configuration and primarily supports Linux and FreeBSD platforms due to freebind networking capabilities.

Binary Analog Watch Face is an Android Wear watch face that combines analog time display with binary representation. The watch face uses binary digits to form the hour and minute hands, creating a unique visualization where time is displayed both analogically and in binary format. The watch face features Material Design aesthetics with customizable color themes and optional center complications. The implementation renders traditional analog clock hands using sequences of binary digits, inspired by Anthony Liekens’s Analog Binary Wall Clock concept.

CZDS is a Go library and CLI tool for interacting with ICANN’s Centralized Zone Data Service API. It handles authentication, zone file downloads, request submissions, and status monitoring for accessing top-level domain zone data. The implementation supports parallel downloads, request management, and provides both library interfaces for Go applications and standalone command-line functionality. The tool automates the process of requesting and retrieving DNS zone files from ICANN’s centralized service.

Tethr is an Android application that demonstrates CVE-2017-0554, a vulnerability that allows bypassing carrier tethering provisioning checks on unrooted devices. The proof-of-concept app exploits system property manipulation to enable mobile hotspot functionality without carrier approval. The vulnerability affects Android versions prior to 7.1.2 by allowing modification of tethering-related system properties through reflection and system service manipulation. This research was conducted to highlight security weaknesses in Android’s tethering permission model.

CertGraph crawls SSL certificates to map domain relationships through certificate alternate names. The tool builds a directed graph where domains are nodes and certificate alternative names create edges between related domains. The program performs hostname enumeration by following certificate relationships, revealing domain connections that may not be apparent through traditional DNS enumeration. It outputs data in various formats including graphical representations for network topology analysis.