Skip to content

Instantly share code, notes, and snippets.

View TheLastZombie's full-sized avatar

Sunny TheLastZombie

178 followers · 322 following
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active December 11, 2025 21:50
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@hopeseekr
hopeseekr / StackOverflow Stats.md
Last active December 11, 2025 20:25
StackOverflow Dec 2024 stats

Disclaimer: I'm in the Top 1% of StackOverflow contributors with 23,315 rep points.

I asked 1 high-quality question in 2024, and it was closed almost immediately, and I haven't engaged with the site since.

If someone with 20,000+ karma has their nicely-formatted questions closed so quickly, what must the newbies and rank-in-file encounter? This is probably a big reason why it's declining.

@chamlis
chamlis / communityworld
Last active April 15, 2025 17:53
All the Packages
2bwm-doc=0.3-r2
2bwm=0.3-r2
6tunnel-doc=0.13-r2
6tunnel=0.13-r2
7zip-doc=23.01-r0
7zip=23.01-r0
R-dev=4.4.0-r0
R-doc=4.4.0-r0
R-mathlib=4.4.0-r0
R=4.4.0-r0
@hackermondev
hackermondev / zendesk.md
Last active December 15, 2025 03:31
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@izabera
izabera / bash_quiz.md
Last active January 6, 2025 17:46

This is from man bash:

A pipeline is a sequence of one or more commands separated by one of the control operators | or |&. The format for a pipeline is:

[ time [ -p ]] [ ! ] command [ [ | | |& ] command2 ... ]

This is the only place in which ! can appear. It never prefixes commands, it prefixes pipelines.

@rendello
rendello / _utf8_case_data.rs
Last active March 11, 2025 21:53
Unicode codepoints that expand or contract when case is changed in UTF-8. Good for testing parsers. Includes the data `utf8_case_data.rs` and the script to generate it, `generate_utf8.py`.
/*
Copyright (c) 2024 Rendello
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
@marcelofern
marcelofern / converter.c
Created August 26, 2024 09:39
Website converter (.md -> .html)
/* converter.c
*
* This code converts `.md` files into `.html` files.
*
* The main use is to write a static website in `.md` files, and then run this
* program to convert it to `.html`
*
* The program relies on the following variables:
*
* - INPUT_FOLDER: full path of the website with `.md` files.
@thedoggybrad
thedoggybrad / youtube_to_youtube_no_cookie_embed_player.js
Last active December 10, 2025 15:50
Automatically redirect YouTube video URLs to a much privacy-friendly viewer which is the No Cookie Official YouTube Embed. Enjoy YouTube videos with no ads and trackers.
@DjMaxd
DjMaxd / gist:948e84dd4a2c29872e51110df8a92610
Created July 20, 2024 00:35
////////////[!DISCLAIMER!]////////////
90-70% of Bloodlight lore is collected here.
Information taken from the author's X.com (https://x.com/00_Homura), PillowFort (https://www.pillowfort.social/02_Homura) and RetroSpring (https://retrospring.net/@H0mura).
Most information is provided in Q/A format without user names or separations. The only separations are my "map legend" and an empty paragraph between pieces of lore.
Also, some information is provided simply in the form of copied text under the author’s posts.
The main focus was on the world setting and Mother Almonde. So there is either no information on some characters at all, or just a little bit.
@timothyham
timothyham / ipv6guide.md
Last active December 4, 2025 16:38
A Short IPv6 Guide for Home IPv4 Admins

A Short IPv6 Guide for Home IPv4 Admins

This guide is for homelab admins who understand IPv4s well but find setting up IPv6 hard or annoying because things work differently. In some ways, managing an IPv6 network can be simpler than IPv4, one just needs to learn some new concepts and discard some old ones.

Let’s begin.

First of all, there are some concepts that one must unlearn from ipv4:

Concept 1