Skip to content

Instantly share code, notes, and snippets.

View ryanttb's full-sized avatar

Ryan Morrison~Westphal ryanttb

41 followers · 27 following
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active May 8, 2025 17:41
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@veekaybee
veekaybee / normcore-llm.md
Last active May 15, 2025 00:06
Normcore LLM Reads

Anti-hype LLM reading list

Goals: Add links that are reasonable and good explanations of how stuff works. No hype and no vendor content if possible. Practical first-hand accounts of models in prod eagerly sought.

Foundational Concepts

Screenshot 2023-12-18 at 10 40 27 PM

Pre-Transformer Models

@kconner
kconner / macOS Internals.md
Last active May 15, 2025 02:32
macOS Internals

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

@adamf
adamf / print_csv_field.py
Created August 14, 2017 23:06
import csv
import argparse
parser = argparse.ArgumentParser()
parser.add_argument('--field', help='field number to output')
parser.add_argument('--filename', help='filename to parse')
args = parser.parse_args()
with open(args.filename) as csvfile:
fields = csv.reader(csvfile)
@telbiyski
telbiyski / install phantomjs 2.1.1 - ubuntu
Last active April 18, 2025 15:54
sudo apt-get update
sudo apt-get install build-essential chrpath libssl-dev libxft-dev -y
sudo apt-get install libfreetype6 libfreetype6-dev -y
sudo apt-get install libfontconfig1 libfontconfig1-dev -y
cd ~
export PHANTOM_JS="phantomjs-2.1.1-linux-x86_64"
wget https://github.com/Medium/phantomjs/releases/download/v2.1.1/$PHANTOM_JS.tar.bz2
sudo tar xvjf $PHANTOM_JS.tar.bz2
sudo mv $PHANTOM_JS /usr/local/share
sudo ln -sf /usr/local/share/$PHANTOM_JS/bin/phantomjs /usr/local/bin
@paulirish
paulirish / what-forces-layout.md
Last active May 16, 2025 17:21
What forces layout/reflow. The comprehensive list.

What forces layout / reflow

All of the below properties or methods, when requested/called in JavaScript, will trigger the browser to synchronously calculate the style and layout*. This is also called reflow or layout thrashing, and is common performance bottleneck.

Generally, all APIs that synchronously provide layout metrics will trigger forced reflow / layout. Read on for additional cases and details.

Element APIs

Getting box metrics
  • elem.offsetLeft, elem.offsetTop, elem.offsetWidth, elem.offsetHeight, elem.offsetParent
@dhoelzgen
dhoelzgen / base_controller.rb
Last active October 7, 2021 16:19
CORS in Rails 4 APIs
class API::V1::BaseController < ApplicationController
skip_before_filter :verify_authenticity_token
before_filter :cors_preflight_check
after_filter :cors_set_access_control_headers
def cors_set_access_control_headers
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, GET, PUT, DELETE, OPTIONS'
@julionc
julionc / 00.howto_install_phantomjs.md
Last active March 24, 2025 17:27
How to install PhantomJS on Debian/Ubuntu

How to install PhantomJS on Ubuntu

Version: 1.9.8

Platform: x86_64

First, install or update to the latest system software.

sudo apt-get update
sudo apt-get install build-essential chrpath libssl-dev libxft-dev
@yanofsky
yanofsky / LICENSE
Last active March 14, 2025 18:19
A script to download all of a user's tweets into a csv
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit
@them0nk
them0nk / rspec_rails_cheetsheet.rb
Created March 23, 2012 03:39
Rspec Rails cheatsheet (include capybara matchers)
#Model
@user.should have(1).error_on(:username) # Checks whether there is an error in username
@user.errors[:username].should include("can't be blank") # check for the error message
#Rendering
response.should render_template(:index)
#Redirecting
response.should redirect_to(movies_path)