Skip to content

Instantly share code, notes, and snippets.

View CodingKoopa's full-sized avatar
💜

Koopa CodingKoopa

💜
86 followers · 668 following
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active December 10, 2025 19:08
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@thesamesam
thesamesam / xz-backdoor.md
Last active December 9, 2025 03:22
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

@TuxSH
TuxSH / k11_latest_n3ds.cpp
Last active July 27, 2025 15:06
Complete 3DS kernel decompilation (11.14-latest N3DS Kernel11, with labels for all symbols, and comments)
This file has been truncated, but you can view the full file.
/* This file was generated by the Hex-Rays decompiler.
Copyright (c) 2007-2020 Hex-Rays <[email protected]>
Detected compiler: GNU C++
*/
#include <defs.h>
@SciresM
SciresM / 17.0.0_Save_Issue.md
Last active November 7, 2025 19:58

17.0.0 Save File Management

Hello! It's been a while since I've done any write-ups, but I thought I'd do one to (hopefully) bring a little clarity to a situation that's been causing a lot of confusion and misinformation.

I'm thinking I'll go through what the problem is and why it happens. So, I guess, let's dive in:

What's happening?

Some people are finding that upon updating to 17.0.0, their consoles are getting a blackscreen and refusing to boot further.

@Henje
Henje / papers_please_fix.cpp
Last active February 28, 2023 23:10
Simple hack to disable joystick scanning and remove stutters from Papers Please.
#include <string>
#include <dlfcn.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>
#include <errno.h>
#include <stdlib.h>
using namespace std::literals;
@alanbixby
alanbixby / vscode-g7-installer.sh
Created October 29, 2021 16:52
Installing Visual Studio Code in G7 without sudo access:
#!/usr/bin/env bash
# Created by Alan Bixby (10/29/2021)
# Installs a portable version of Visual Studio code in "$/HOME/.bin", since students lack write access to /usr/bin or sudo access to use the get-apt installer.
# TODO: Tested to be functional, but I still need to add functionality to prevent running on an invalid OS, or from attempting to run it multiple times (after it previously working).
SAVE_DIR=".bin"
mkdir $HOME/$SAVE_DIR
wget -O "$HOME/$SAVE_DIR/VSCode-linux-x64.tar.gz" "https://code.visualstudio.com/sha/download?build=stable&os=linux-x64"
@kiram9
kiram9 / gist:3a5415a015e7e70a4a8c2f9f3f4e623d
Created September 27, 2021 22:59
Framework Laptop port80 codes
//
// SEC Functionality
//
#define SEC_SYSTEM_POWER_ON 0x01 // CPU power on and switch to Protected mode
#define SEC_BEFORE_MICROCODE_PATCH 0x02 // Patching CPU microcode
#define SEC_AFTER_MICROCODE_PATCH 0x03 // Setup Cache as RAM
#define SEC_ACCESS_CSR 0x04 // PCIE MMIO Base Address initial
#define SEC_GENERIC_MSRINIT 0x05 // CPU Generic MSR initial
#define SEC_CPU_SPEEDCFG 0x06 // Setup CPU speed
#define SEC_SETUP_CAR_OK 0x07 // Cache as RAM test
@0xabad1dea
0xabad1dea / copilot-risk-assessment.md
Last active June 26, 2025 22:23
Risk Assessment of GitHub Copilot

Risk Assessment of GitHub Copilot

0xabad1dea, July 2021

this is a rough draft and may be updated with more examples

GitHub was kind enough to grant me swift access to the Copilot test phase despite me @'ing them several hundred times about ICE. I would like to examine it not in terms of productivity, but security. How risky is it to allow an AI to write some or all of your code?

Ultimately, a human being must take responsibility for every line of code that is committed. AI should not be used for "responsibility washing." However, Copilot is a tool, and workers need their tools to be reliable. A carpenter doesn't have to

@rlaphoenix
rlaphoenix / windows-7-plus-build-env-for-nitro.md
Last active July 11, 2023 18:10
Windows 7+ Build Environment for Nintendo NITRO-System (Nintendo DS) compiling.
@LambdAurora
LambdAurora / optifine_alternatives_fabric.md
Last active August 5, 2025 13:20
Recommended OptiFine alternatives on Fabric

The list is moving out!

If you share this list, please use this link instead: https://lambdaurora.dev/optifine_alternatives

It may still be only a redirection link, but it will have a better web display of the list soon. And the list being on GitHub/GitHub pages improves load times.

The gist version of this list will stop being updated.

Why?