I finally got to publishing a tool, which due to a number of reasons, has not happened for quite some time now. The MSSQLScan tool scans for Microsoft SQL Server *surprise*. It does so by using UDP which means that it can either discover servers by hitting a broadcast address or by querying each and everyone. This will make sure that you find all instances and servers that no longer use the 1433 TCP port due to dynamic port allocations.
As usual your more than welcome to provide me with feedback, suggestions or bug reports.