Subscan is a Go-based CLI tool that helps bug bounty hunters and pentesters with subdomain discovery (passive and brute-force), scoring (HTTP/TLS/CNAME), and misconfig probes (takeovers, open .envs, S3 buckets, etc).Output formats include JSON/CSV/HTML/Markdown.
GitHub: https://github.com/omerimzali/subscan
Looking for feedback!