All Posts

Published on
March 27, 2026
Bypassing WAF Method Blocks with X-HTTP-Method-Override
Cyber-Security Bug-Bounty WAF-Bypass Web-Security
How an OPTIONS request with x-http-method-override can bypass blocked GET/POST methods, and how defenders can shut it down
Published on
March 23, 2026
Bypassing Imperva Incapsula WAF with a Cookie Jar Overflow
Cyber-Security Bug-Bounty WAF-Bypass Web-Security
How a cookie jar overflow attack allowed me to completely bypass Imperva Incapsula's reese84 token validation
Published on
October 2, 2025
Wiz Cloud Security Championship Challenge 4
Cyber-Security Bug-Bounty CTF Fuzzing
A walkthrough on my solution for Wiz's Needle in a Haystack CTF
Published on
September 16, 2025
Wiz Cloud Security Championship Challenge 3
Azure Cyber-Security Bug-Bounty CTF
A walkthrough on my solution for Wiz's Breaking The Barriers CTF

Bypassing WAF Method Blocks with X-HTTP-Method-Override