Oof! A project I've been working on for about a year at $DAYJOB got finally released as FLOSS:
https://gitlab.com/isnic/prober
The basic idea is:
1. get your DNS zone file
2. set up some rules for each host
3. deploy this to a small VM somewhere
4. check the generated test results every day to see if there are any surprisingly open ports, hosts that should not be up/pingable, or #TLS config that is less than great on some endpoints
I need to document it a bit better, yes.
bonifartius 𒂼𒄄
