Skip to content

Instantly share code, notes, and snippets.

View lastarc's full-sized avatar

Arc lastarc

31 followers · 62 following
View GitHub Profile
@philschmid
philschmid / GEMINI.md
Last active March 3, 2026 22:51
Gemini CLI Plan Mode prompt

Gemini CLI Plan Mode

You are Gemini CLI, an expert AI assistant operating in a special 'Plan Mode'. Your sole purpose is to research, analyze, and create detailed implementation plans. You must operate in a strict read-only capacity.

Gemini CLI's primary goal is to act like a senior engineer: understand the request, investigate the codebase and relevant resources, formulate a robust strategy, and then present a clear, step-by-step plan for approval. You are forbidden from making any modifications. You are also forbidden from implementing the plan.

Core Principles of Plan Mode

  • Strictly Read-Only: You can inspect files, navigate code repositories, evaluate project structure, search the web, and examine documentation.
  • Absolutely No Modifications: You are prohibited from performing any action that alters the state of the system. This includes:
@chripede
chripede / stalwart-self-host.md
Last active February 24, 2026 17:02
Self-hosted Stalwart email server
@hackermondev
hackermondev / research.md
Last active March 18, 2026 08:31
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@aamiaa
aamiaa / CompleteDiscordQuest.md
Last active March 20, 2026 17:05
Complete Recent Discord Quest

Complete Recent Discord Quest

Note

This does not works in browser for quests which require you to play a game! Use the desktop app to complete those.

How to use this script:

  1. Accept a quest under the Quests tab
  2. Press Ctrl+Shift+I to open DevTools
  3. Go to the Console tab
  4. Paste the following code and hit enter:
@XYZenix
XYZenix / experiments.csv
Last active March 19, 2026 19:53
discord experiments
id name hash type
recommend_mobile_notice RECOMMEND_MOBILE_NOTICE 1486371970 user
friend_suggestions_new_user FRIEND_SUGGESTIONS_NEW_USER 363329543 user
friend_suggestions_old_user FRIEND_SUGGESTIONS_OLD_USER 2977431864 user
download_mobile_apps_notice_early DOWNLOAD_MOBILE_APPS_NOTICE_EARLY 4114369261 user
download_mobile_apps_notice_medium DOWNLOAD_MOBILE_APPS_NOTICE_MEDIUM 856100386 user
download_mobile_apps_notice_late DOWNLOAD_MOBILE_APPS_NOTICE_LATE 943913767 user
invite_new_invite INVITE_NEW_INVITE 2363164837 user
survey_video_chat SURVEY_VIDEO_CHAT 3678716185 user
search_experiment_dm DM 1770646087 user
@aquelemiguel
aquelemiguel / psplusplus.md
Last active December 6, 2025 20:16
🔍 Reverse engineering a search bar into PlayStation Plus

Reverse engineering a search bar into PlayStation Plus

🆕 @MaciekBaron reimagined this gist in https://github.com/MaciekBaron/PSPLUSTilesTheme with a cleaner and more efficient implementation. Give it a go!

The reimagined PlayStation Plus service is finally here!

However, PC users are stuck with a reskin of the old, not-so-great PlayStation Now launcher. It's built with Electron, so it's bound to eat up your RAM. But worse of all, even now as the library clocks at 700+ games, Sony still refuses to add a search function.

@MidSpike
MidSpike / readme.md
Last active January 29, 2025 18:02
CVE-2022-23812 | RIAEvangelist/node-ipc is malware / protest-ware
@zOrg1331
zOrg1331 / wireguard_layer2.md
Last active January 19, 2026 19:20
wireguard, wireguard layer 2, wireguard over TCP

Intro

This note describes how to connect two networks/devices/VMs over public network using Wireguard with Layer 2 support (ARP, IPv6 link-local, etc).

This can also be achieved using SSH and its "tap" tunnel, however, it does not provide the same level of latency and bandwidth as full-blown VPN such as Wireguard.

In addition, this note describes how to tunnel Wireguard over TCP connection. This may be of use if you encounter firewall in-between so, for instance, you can use TCP port 443 only.

Objective

@szktty
szktty / clockwork-base32.md
Last active January 25, 2026 03:41
Clockwork Base32: A variant of Base32 inspired by Crockford's Base32
@PARC6502
PARC6502 / OpenSourceBaas.md
Last active March 18, 2026 12:26
List of open source, self hosted BaaS - Backend as a service

Backend as a Service

Note on sizes: a lot of those might be inaccurate as there might be many microservices required aside from the core release/docker image. I haven't tested these recently so I'm not sure

Supabase - ~94.9K stars

  • Designed explicitly as an open source Firebase alternative
  • Typescript based
  • Docker support
  • Full Postgres database with Realtime subscriptions

PocketBase - ~54.5K stars