Skip to content

Instantly share code, notes, and snippets.

View anhwaivo's full-sized avatar
:octocat:
uhhhhhhhhhhhhhhhhhhhhhhhhhhhh

Anhwaivo anhwaivo

:octocat:
uhhhhhhhhhhhhhhhhhhhhhhhhhhhh
11 followers · 38 following
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active December 8, 2025 22:28
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@uhwot
uhwot / qbztoken.user.js
Last active November 21, 2025 20:15
allows logging in via auth tokens on play.qobuz.com
// ==UserScript==
// @name qobuz auth token login
// @namespace io.github.uhwot.qbztoken
// @match https://play.qobuz.com/*
// @grant none
// @version 1.0
// @author uh wot
// @description allows logging in via auth tokens on qobuz
// @homepageURL https://gist.github.com/uhwot/8250904f3e4bfbad684c5ec26943e082
// @downloadURL https://gist.github.com/uhwot/8250904f3e4bfbad684c5ec26943e082/raw/qbztoken.user.js
@NONPLAYT
NONPLAYT / AllTheLinks.md
Last active August 13, 2025 22:36 — forked from SoSeDiK/AllTheLinks.md
Contains some links of different Minecraft server Software
@XiaoPanPanKevinPan
XiaoPanPanKevinPan / .env-template
Last active November 24, 2025 17:49
Vencord For Firefox (Self-built, Non-official)
EXT_ID=
WEB_EXT_API_KEY=
WEB_EXT_API_SECRET=
OUTPUT_FILENAME=
@Soheab
Soheab / API's.md
Last active November 23, 2025 13:27
See here some of the API's you can use in your discord bot or anything

Some APIs for you.

Here are some APIs you can use in your Discord bot or any other project. For any help or questions on how to use one, please contact the owner of the API and not me.

A bigger list of APIs can be found at: https://github.com/public-apis/public-apis

[TOKEN] = API requires a token to access some if not all endpoints.

@L04DB4L4NC3R
L04DB4L4NC3R / rm.sh
Created May 9, 2020 11:32
Remove kali bloatware
sudo apt-get --purge autoremove acccheck ace-voip amap automater braa casefile cdpsnarf cisco-torch cookie-cadger copy-router-config dmitry dnmap dnsenum dnsmap dnsrecon dnstracer dnswalk dotdotpwn enum4linux enumiax exploitdb fierce firewalk fragroute fragrouter ghost-phisher golismero goofile lbd maltego-teeth masscan metagoofil miranda nmap p0f parsero recon-ng set smtp-user-enum snmpcheck sslcaudit sslsplit sslstrip sslyze thc-ipv6 theharvester tlssled twofi urlcrazy wireshark wol-e xplico ismtp intrace hping3 bbqsql bed cisco-auditing-tool cisco-global-exploiter cisco-ocs cisco-torch copy-router-config doona dotdotpwn greenbone-security-assistant hexorbase jsql lynis nmap ohrwurm openvas-cli openvas-manager openvas-scanner oscanner powerfuzzer sfuzz sidguesser siparmyknife sqlmap sqlninja sqlsus thc-ipv6 tnscmd10g unix-privesc-check yersinia aircrack-ng asleap bluelog blueranger bluesnarfer bully cowpatty crackle eapmd5pass fern-wifi-cracker ghost-phisher giskismet gqrx kalibrate-rtl killerbee kismet mdk