The recon.sh script contain the process of reconnaissance on a domain.
during this process i used multiple tools such as Sublist3r,httprobe and eyewitness.
here is the links for these project so that you can run the script.
httprobe: https://github.com/tomnomnom/httprobe Sublist3r: https://github.com/aboul3la/Sublist3r Eyewitness: https://github.com/FortyNorthSecurity/EyeWitness to note that eyewitness could be installed directly in linux using " sudo apt-get install eyewitness"
A subdomains script has been added to the directory, so now we could sudomains using crt.sh certspotter and a lot of other tools. more subdomains means more information on the domain, COOL!!