Skip to content

Instantly share code, notes, and snippets.

View Steffo99's full-sized avatar

Stefano Pigozzi Steffo99

130 followers · 119 following
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active April 28, 2025 07:48
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@OrionReed
OrionReed / dom3d.js
Last active April 19, 2025 12:06
3D DOM viewer, copy-paste this into your console to visualise the DOM topographically.
// 3D Dom viewer, copy-paste this into your console to visualise the DOM as a stack of solid blocks.
// You can also minify and save it as a bookmarklet (https://www.freecodecamp.org/news/what-are-bookmarklets/)
(() => {
const SHOW_SIDES = false; // color sides of DOM nodes?
const COLOR_SURFACE = true; // color tops of DOM nodes?
const COLOR_RANDOM = false; // randomise color?
const COLOR_HUE = 190; // hue in HSL (https://hslpicker.com)
const MAX_ROTATION = 180; // set to 360 to rotate all the way round
const THICKNESS = 20; // thickness of layers
const DISTANCE = 10000; // ¯\\_(ツ)_/¯
@emidoots
emidoots / ramblings.md
Last active December 25, 2024 04:39
Because cross-compiling binaries for Windows is easier than building natively

Because cross-compiling binaries for Windows is easier than building natively

I want Microsoft to do better, want Windows to be a decent development platform-and yet, I constantly see Microsoft playing the open source game: advertising how open-source and developer friendly they are - only to crush developers under the heel of the corporate behemoth's boot.

The people who work at Microsoft are amazing, kind, talented individuals. This is aimed at the company's leadership, who I feel has on many occassions crushed myself and other developers under. It's a plea for help.

The source of truth for the 'open source' C#, C++, Rust, and other Windows SDKs is proprietary

You probably haven't heard of it before, but if you've ever used win32 API bindings in C#, C++, Rust, or other languages, odds are they were generated from a repository called microsoft/win32metadata.

@ProtoxiDe22
ProtoxiDe22 / dickbutt.py
Created February 15, 2022 22:25
the script use to draw a dickbutt on my new Revolut card (it somehow got approved regardless of the "no offensive material" policy)
import mouse
#body
# points = [[400.9566931754351,429.8411270159483],[400.5581525182724,428.94293463230133],[400.143625417063,428.02482321775517],[399.7360731302295,427.11726247153246],[399.32938103805293,426.2043925894518],[398.9215875165898,425.2806834694662],[398.5205555374641,424.36328360880725],[398.1238949173328,423.44631059479786],[397.73169952023886,422.52947501023186],[397.34224491349306,421.6081092651945],[396.9590319919342,420.6898416463065],[396.5785645839665,419.765513070589],[396.203315288797,418.84014256559317],[395.82908981661313,417.9020702831168],[395.4644751184469,416.97151804091993],[395.1051215028762,416.0360552930832],[394.753146524612,415.0993285800645],[394.41066773836496,414.1649844423216],[394.07411442242557,413.22045889593664],[393.7518168993201,412.286017719293],[393.4357819835562,411.3340557240974],[393.13037143230434,410.3705361223221],[392.8448401240015,409.41726092753584],[392.5756291030964,408.45180568701005],[392.33042768760583,407.4848576713447],[392.1128494262695,406.50325
@motorailgun
motorailgun / idea.md
Last active April 11, 2025 11:36
Installing Windows and Linux into the same partition

Installing Windows and Linux into the same partition

But WHY?

There was a reddit post about installing Arch on NTFS3 partition. Since Windows and Linux doesn't have directories with same names under the /(C:\), I thought it's possible, and turned out it was actually possible.
If you are not familiar to Linux, for example you've searched on Google "how to dualboot Linux and Windos" or brbrbr... you mustn't try this. This is not practical.

Pre-requirements

  • UEFI system
  • Any Linux live-boot CD/DVD/USB... with Linux kernel newer than 5.15
  • Windows installer USB
@Steffo99
Steffo99 / .README.md
Created July 22, 2020 01:36
Plasma: Allow F13, F14, F15, ..., F24 to be bound on Dota 2

Add the following lines to ~/.Xmodmap and ensure "Bind keys based on keyboard position" is DISABLED.

@Steffo99
Steffo99 / scjingle.md
Created February 3, 2020 13:46

Custom Steam Controller Jingles

  1. Install MuseScore 3
  2. Create a new score for Piano with your jingle
  3. Export it as uncompressed musicXML (file.musicxml)
  4. Download the OpenSteamController serial firmware
  5. While holding down RT, connect the Steam Controller to the PC via USB: a new FAT12 filesystem "CRP DISABLED" should appear, with a firmware.bin file inside
  6. Backup firmware.bin file on your computer
  7. Delete firmware.bin from CRP DISABLED
  8. Rename the previously downloaded serial firmware to firmware.bin and place it in CRP DISABLED