Hi, I'm Blake Ellis.

Cloud Engineer passionate about building secure, scalable infrastructure and exploring cybersecurity challenges. Sharing insights on cloud technologies, security best practices, and my adventures in bug bounty hunting.

Bypassing WAF Method Blocks with X-HTTP-Method-Override

Cyber-Security Bug-Bounty WAF-Bypass Web-Security

How an OPTIONS request with x-http-method-override can bypass blocked GET/POST methods, and how defenders can shut it down

March 23, 2026

Bypassing Imperva Incapsula WAF with a Cookie Jar Overflow

Cyber-Security Bug-Bounty WAF-Bypass Web-Security

How a cookie jar overflow attack allowed me to completely bypass Imperva Incapsula's reese84 token validation

October 2, 2025

Wiz Cloud Security Championship Challenge 4

Cyber-Security Bug-Bounty CTF Fuzzing

A walkthrough on my solution for Wiz's Needle in a Haystack CTF

September 16, 2025

Wiz Cloud Security Championship Challenge 3

Azure Cyber-Security Bug-Bounty CTF

A walkthrough on my solution for Wiz's Breaking The Barriers CTF

Hi, I'm Blake Ellis.

Recent Posts

Bypassing WAF Method Blocks with X-HTTP-Method-Override

Bypassing Imperva Incapsula WAF with a Cookie Jar Overflow

Wiz Cloud Security Championship Challenge 4

Wiz Cloud Security Championship Challenge 3