1. Asset Discovery
   1. Dns Brute Forcing and Resolving
      1. str-replace
      2. puredns
      3. massdns
   2. Subdomain Discovery
      1. Amass
      2. subfinder
      3. findomain
2. Fingerprint
   1. HTTP Discovery
      1. httprpobe
      2. httpx
   2. Technology fingerprint
      1. httpx
   3. Screenshot
      1. aquatone
      2. goverview
   4. Spider Links
      1. gospider
      2. katana
3. OSINT
   1. Finding more links
      1. gau
   2. IP Discovery
      1. metabigor
      2. cdnstrip
4. Vulnerability Scan
   1. Nuclei
      1. Subdomain takeover
      2. Scanning with all templates
   2. Jaeles
      1. Scanning with all signatures
      2. Looking for interesting endpoints
5. Content Discovery
   1. Filtering and Beautify the output format
   2. FFUF
      1. Looping for each domain and run ffuf on it
6. Port Scan
   1. Full port scan
      1. rustscan
   2. Service Fingerprint
      1. metabigor
   3. Vulnerability Scan
   4. Content Discovery
   5. Scanning based on open ports