Skip to content

Instantly share code, notes, and snippets.

View bedros-p's full-sized avatar
😁

Bedros Pamboukian bedros-p

😁
24 followers · 21 following
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active March 11, 2025 23:10
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@LawfulLeah
LawfulLeah / PasteThisInF12Console.js
Last active March 4, 2025 03:50 — forked from bedros-p/patcherooni.js
AI Studio patch to actually get the features users want (remade and with new additions via the help of Gemini 2.0 pro, Gemini Flash 2.0, Gemini Flash 2.0 Thinking, and Gemini Experimental 1206), along with some performance improvements.. Instructions: Paste in **in the devtool's console** after opening a prompt, and wait 5 seconds (for the scrip…
/**
* This script modifies Google's MakerSuite to add sliders for controlling
* Top K, Frequency Penalty, Presence Penalty, and Seed during text generation.
* It intercepts the serialization process to inject these parameters into
* the AI model's request payload.
* The Seed slider also gets a secondary button for generating a random seed.
* It also provides a checkbox to disable the frequency and presence penalties.
*/
/**
@bedros-p
bedros-p / patcherooni.js
Created January 5, 2025 00:27
AI Studio patch to actually get the features users want
// This code structure is the function that provides a stable "reference" so that it gets the proper variable
const regex = /function\(\){var a=new _\...,b=new ..;return _\.(..)\(a,..,1,b\)}/gm;
// Reference to the null checker function used in serialization (and many other things [will filter later])
let nullchecker = ""
let nullcheckerWrapper = Object.keys(default_MakerSuite).find(
(makersuite_key) => {
const key = default_MakerSuite[makersuite_key]
if (typeof key != "function") return false
const sample_obj = {} // Was using for .bind() when testing injecting directly into the store.
// Might reuse later, but I can do things perfectly fine without access to the angular store so it was just unnecessary code