Skip to content

Instantly share code, notes, and snippets.

View zkxs's full-sized avatar

zkxs

40 followers · 62 following
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active June 25, 2025 07:25
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@hackermondev
hackermondev / zendesk.md
Last active June 25, 2025 20:26
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@hazre
hazre / fix-hand-tracking-steamlink.md
Last active August 9, 2024 10:41
@TheSunCat
TheSunCat / DisblockOrigin.theme.css
Last active May 27, 2025 14:51
Hide all Nitro & Boost upsells in Discord!
/**
* @name Adblock for Discord
* @author TheSunCat and contributors
* @version 1.0.0
* @description We have moved to Codeberg! Follow the link below:
* @source https://codeberg.org/AllPurposeMat/Disblock-Origin
*/
#app-mount::before {
content: "The Disblock Origin theme has moved to Codeberg! Please check https://codeberg.org/AllPurposeMat/Disblock-Origin";
@Tsunder
Tsunder / POWER.md
Last active October 15, 2023 00:17 — forked from ignomen/POWER.md
POWER or: How I Learned to Stop Worrying and Love the Reactor

POWER or: How I Learned to Stop Worrying and Love the Reactor

This is a beginner and intermediate guide to powering subs.

The information in this guide is up to date as of July 2021.

This guide is a work in progress. There will be sections that are incomplete.

BASIC GUIDE

@w4rum
w4rum / barotrauma-reactor-guide.md
Last active April 20, 2025 21:07
In-depth Reactor Guide and Fission Controller (last updated for 0.13.3.11)

In-depth Reactor Guide and Fission Controller (last updated for 0.13.3.11)

This guide first explains some advanced features of the Barotrauma reactor system and then combines a PD controller with some reverse engineering of Barotrauma's source code to build a working fission controller. This guide does not build a turbine controller. Please see Rob Smith's video for a really great turbine controller that works well with this fission controller.

Quick Start

If you don't care about the details, just copy the following setup to your submarine. The wiring should be pretty self-explanatory from the layout, with the wires always going from the left to the right.

Component list (thanks to @FinetalPies):

  • 4 WiFi
  • 6 Memory
@PurpleBooth
PurpleBooth / README.md
Last active September 8, 2023 20:52
A github workflow pipeline for rust that does test, build and deploy windows, linux and mac, creates releases, and does SemVer Versioning, and releases to a homebrew tap

Features

  • Automatically bump SemVer
  • Update a personal homebrew tap
  • Keep that pesky version in the Cargo.toml up to date
  • (From dependabot) Get new versions out as soon as possible

Assumptions

  • You don't want a changelog
@timvisee
timvisee / falsehoods-programming-time-list.md
Last active July 3, 2025 00:02
Falsehoods programmers believe about time, in a single list

Falsehoods programmers believe about time

This is a compiled list of falsehoods programmers tend to believe about working with time.

Don't re-invent a date time library yourself. If you think you understand everything about time, you're probably doing it wrong.

Falsehoods

  • There are always 24 hours in a day.
  • February is always 28 days long.
  • Any 24-hour period will always begin and end in the same day (or week, or month).
@MohamedAlaa
MohamedAlaa / tmux-cheatsheet.markdown
Last active June 29, 2025 14:55
tmux shortcuts & cheatsheet

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@andreyvit
andreyvit / tmux.md
Created June 13, 2012 03:41
tmux cheatsheet

tmux cheat sheet

(C-x means ctrl+x, M-x means alt+x)

Prefix key

The default prefix is C-b. If you (or your muscle memory) prefer C-a, you need to add this to ~/.tmux.conf:

remap prefix to Control + a