Fierce Domain Scan
According to the ha.ckers blog, Fierce Domain Scan "was born out of personal frustration after performing a web application security audit. It is traditionally very difficult to discover large swaths of a corporate network that is non-contiguous. It's terribly easy to run a scanner against an IP range, but if the IP ranges are nowhere near one another you can miss huge chunks of networks." Fierce is designed specifically to pinpoint likely targets inside and outside a corporate network. It is essentially a reconnaissance tool, a PERL script built to scan domains within minutes, using a variety of tactics.