Tool used to find vulnerable routers and devices on the Internet and perform tests
So I'm scanning the Internet with a DNS version request, because it'd be a useful datapoint in my Friday #Brucon talk mentioning that BIND is still the overwhelming favorite DNS server on the Internet. The abuse reports are an interesting read, such as one that claims "This activity is neither just a scanning nor unexpected attempts, but a sophisticated attack". Nope, it's just scanning, and terribly unsophisticated
Abstract While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials. We used these devices to build a distributed port scanner to scan all IPv4 addresses. These scans include service probes for the most common ports, ICMP ping, reverse DNS and SYN scans. We analyzed some of the data to get an estimation of the IP address usage.