Published: ** 07 Dec 2025 **
[Tweet](https://twitter.com/intent/tweet?text=Check%20out%20Pentesterlab’s%20post:%20Research Worth Reading Week 49/2025!)
WAF bypasses, CVE research & constant-time crypto.
⏰ Introducing constant-time support for LLVM to protect cryptographic code
Trail of Bits explains their work on adding constant-time support to LLVM so that compiled cryptographic code remains constant-time: Introducing constant-time support for LLVM to protect cryptographic code .
⛔️ Bypassing WAFs for Fun and JS Injection with Parameter Pollution
A great summary of the current state of HTTP parameter pollution as a way to bypass WAFs: [Bypassing WA…
Published: ** 07 Dec 2025 **
[Tweet](https://twitter.com/intent/tweet?text=Check%20out%20Pentesterlab’s%20post:%20Research Worth Reading Week 49/2025!)
WAF bypasses, CVE research & constant-time crypto.
⏰ Introducing constant-time support for LLVM to protect cryptographic code
Trail of Bits explains their work on adding constant-time support to LLVM so that compiled cryptographic code remains constant-time: Introducing constant-time support for LLVM to protect cryptographic code .
⛔️ Bypassing WAFs for Fun and JS Injection with Parameter Pollution
A great summary of the current state of HTTP parameter pollution as a way to bypass WAFs: Bypassing WAFs for Fun and JS Injection with Parameter Pollution .
🧐 How to Research & Reverse Web Vulnerabilities 101
One of my favourite hobbies (CVE analysis) is covered in this blog post from the ProjectDiscovery team: How to Research & Reverse Web Vulnerabilities 101 .
Written by PentesterLab
The platform to learn web hacking and security code review
Related Blog Post
☝️