Found this scrounging around looking for attack surface tools, but added a lot and re-wrote.
This Go script takes a top level domain and scrapes, searches for subdomains then runs a couple of different nmap scans on the TLD and all subdomains and saves a report in XML and HTML. The script always requires a bit of XML parsing adjusting, but it does work!
Read the code! Do not run code that you do not read! Or, otherwise trust. If you want the results uploaded to a website or FTP server, then edit lines 472-475.
LICENSE: DO WHAT YOU WANT WITH IT AND I AM ABSOLUTELY NOT RESPONSIBLE FOR ANY DAMAGE, NOT RESPONSIBLE FOR YOUR PRISON SENTENCE AND IN NO OTHER WAY RESPONSIBLE FOR ANYTHING THAT COMES FROM THIS CODE.