This guide contains all the needed knowledge for performing a good subdomain enumeration. I have tried to cover each topic from a beginner's perspective. Each of the techniques used has a detailed explanation about why this technique was used and how to perform them. I have tried to link various gists, charts, statistics for a better understanding of the concept.
I have tried to include only those tools that give the best results compared to other tools of the same category.
I'm too a beginner in this field and have tried my best to explain the right concepts. If you think any of the content is wrongly explained, I am always open listen to you.
This guide may help you build your own reconnaissance methodology. I believe each one should have their own methodology and keep trying out new things and conclude which fits best for them.
I would like to mention six2dez for helping me in creating this guide.