NullRabbit Scanning Transparency

Who We Are

NullRabbit builds autonomous defence systems for decentralised infrastructure. We protect validators, staking services, and protocol foundations from threats that move faster than humans can respond.

Part of that work involves understanding the threat landscape. We scan publicly exposed infrastructure to identify vulnerabilities that operators may not know about - the same vulnerabilities that attackers are already looking for.

What We Scanned

Our scans are non-invasive. We do not:

• Attempt to exploit vulnerabilities
• Access, modify, or exfiltrate any data
• Perform denial-of-service testing
• Brute-force credentials or authentication
• Scan internal or private networks
• Exceed standard connection rates

We examine only what is already publicly visible: open ports, service banners, TLS configurations, and protocol-level metadata. This is the same information available to anyone on the internet - including the people you don't want finding it.

Why We Do This

We scan because we believe operators deserve to know what's exposed before someone else finds it first.

Scanner IPs

We publish a full list of every IP address we scan from - past and present - so you can verify whether traffic in your logs originated from NullRabbit.

Opt Out

We respect your right to not be scanned. To opt out, email us at security@nullrabbit.ai with the IP addresses or CIDR ranges you'd like excluded. Opt-outs are processed within 24 hours.

Contact

For questions about our scanning, to request findings, or to report an issue:

security@nullrabbit.ai