Skip to content
View luckyblake02-svg's full-sized avatar

Block or report luckyblake02-svg

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
luckyblake02-svg/README.md

Hi, I'm Blake Miller 👋

Cybersecurity Analyst based in Olathe, KS. I specialize in identity security, SOC automation, and cloud security operations — mostly in Microsoft/Azure environments. I script to solve real problems I run into at work, so everything here has been used in production.


🔧 What I Build

Area Tools & Tech
Identity & Threat Detection Azure AD, Microsoft Graph, Identity Protection API
SOC Automation PowerShell, Python, Ansible
Patch & Vulnerability Management MSRC API, Intune, ConnectWise Control
Cloud Infrastructure Azure, Cloudflare, Terraform (aztfexport)
Incident Response Active Directory, Microsoft 365, AbuseIPDB

🚀 Featured Projects

Map CVEs → KBs → devices. Bridges the MSRC Security Updates API, Microsoft Graph/Intune, and ConnectWise Control to answer the question every security team dreads: "Are we patched?" — with actual proof from live machines.

Three-script Python toolkit for detecting the axios user agent in Azure AD risky user sign-ins — a near-certain indicator of compromise. Includes interactive console mode, automated email reporting, and an Outlook inbox watcher that triggers automated response when Azure sends risk alerts.

PowerShell automation for SOC response playbooks. Currently includes phishing response: notify user, CC manager, disable AD account, rotate credentials, and revoke Azure sessions — all in one run.

🖥️ ansible

Ansible playbooks for automating Linux machine administration at scale.

Exports Azure resource groups via aztfexport and dumps all conditional access policies into human-readable format in a single script.

Bulk-migrates domains from DNSimple to Cloudflare. Adaptable to any similar DNS migration.


📫 Connect

LinkedIn GitHub

Pinned Loading

  1. ansible ansible Public

    I wrote Ansible code to automate administration of Linux machines.

    Shell

  2. autoPlaybooks autoPlaybooks Public

    Automation of various playbooks such as phishing notifications

    PowerShell

  3. axiosDetections axiosDetections Public

    Detection pipeline for AiTM/credential abuse in Azure Identity Protection — identifies axios user agent as a high-confidence IoC, enriches with AbuseIPDB, and automates alerting and response.

    Python

  4. azure-export azure-export Public

    This script will export resource groups from azure using the aztfexport tool. After that, it will export all conditional access policies in a human-readable format with another tool. Finally, it wi…

    PowerShell

  5. cloudflare-transfer cloudflare-transfer Public

    Transfer all DNSimple hosted domains to Cloudflare. This can be modified to work in any environment

    PowerShell

  6. KB-Checker KB-Checker Public

    Map CVEs to KBs, vice versa, and check whether the KBs are applied to machines via ScreenConnect (optional)

    PowerShell