Skip to content

Instantly share code, notes, and snippets.

Discover gists

@hackermondev
hackermondev / research.md
Last active January 21, 2025 22:01
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@cassidoo
cassidoo / talk-to-me-template.md
Created December 17, 2024 05:12
A template for a "Talk to Me" page with your crew

Talk to Me page

Who am I?

...

What do I do at organization?

...

@hackermondev
hackermondev / zendesk.md
Last active January 21, 2025 21:59
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@AndrasKovacs
AndrasKovacs / HOASOnly.hs
Last active January 21, 2025 21:58
HOAS-only lambda calculus
{-# language BlockArguments, LambdaCase, Strict, UnicodeSyntax #-}
{-|
Minimal dependent lambda caluclus with:
- HOAS-only representation
- Lossless printing
- Bidirectional checking
- Efficient evaluation & conversion checking
Inspired by https://gist.github.com/Hirrolot/27e6b02a051df333811a23b97c375196
@0atman
0atman / configuration.nix
Last active January 21, 2025 21:58
A rebuild script that commits on a successful build
{
config,
pkgs,
options,
...
}: let
hostname = "oatman-pc"; # to alllow per-machine config
in {
networking.hostName = hostname;
@iamwildtuna
iamwildtuna / gist:7772b7c84a11bf6e1385f23096a73a15
Last active January 21, 2025 21:58
VPN IP Addresses (IP адреса Meta, Facebook, Instagram, YouTube, Medium, X ex. Twitter, Discord)
Meta (Instagram, Facebook)
// Узлы
157.240.253.174, 157.240.253.172, 157.240.253.167, 157.240.253.63, 157.240.253.32
157.240.252.174, 157.240.252.172, 157.240.252.167, 157.240.252.63, 157.240.252.38
57.144.112.34, 57.144.110.1, 157.240.205.174
// Подсети
213.102.128.0/24
204.15.20.0/22
199.201.0.0/16
@avoidik
avoidik / 1-termux-adb.md
Last active January 21, 2025 21:55 — forked from kairusds/1-termux-adb.md
Instructions for connecting Termux's android-tools adb to the current device via Wireless debugging and fixing phantom process killing

Install android-tools if you haven't already:

$ pkg update ; pkg upgrade
$ pkg install android-tools

Pair with remote or local ADB

@UbuntuEvangelist
UbuntuEvangelist / Completely Uninstall LAMP Stack Ubuntu 24.04 LTS
Last active January 21, 2025 21:54
Completely Uninstall LAMP Ubuntu
HIRE Me For Your Project Support :)
Telegram: https://t.me/LinuxGun
#!/bin/bash
# Completely Remove Apache Ubuntu
service apache2 stop
apt purge apache2
apt remove apache2.*
apt autoremove
whereis apache2
@kairusds
kairusds / 1-termux-adb.md
Last active January 21, 2025 21:54
Instructions for connecting Termux's android-tools adb to the current device via Wireless debugging and fixing phantom process killing

Install android-tools if you haven't already:

pkg update ; pkg upgrade
pkg install android-tools


adb pair localhost:port