CTFR
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
Do you miss AXFR technique? This tool allows to get the subdomains from a HTTP**S** website in a few seconds.
How it works? CTFR does not use neither dictionary attack nor brute-force, it just abuses of Certificate Transparency logs.