Replace jsluice/tree-sitter with pure-Go JS endpoint extractor

Proposed changes

Removes github.com/BishopFox/jsluice and its go-tree-sitter CGO dependency
Replaces it with a pure-Go JavaScript AST-based URL extractor using github.com/dop251/goja parser
Removes platform-specific build tags (parser_generic.go, parser_nojs.go) — extraction now works on all platforms including 386 and Windows

Implementation

New pkg/utils/jsextract package that parses JavaScript with goja and walks the AST to extract URL endpoints
Detects URLs from: fetch(), XHR .open(), window.open(), location assignments, jQuery/axios calls, setAttribute(), string literals, template literals, and string concatenation
Falls back to regex extraction when JavaScript parsing fails
Comprehensive test suite covering all extraction patterns

Test plan:

Added unit tests in pkg/utils/jsextract/extractor_test.go covering fetch, XHR, location, window.open, string literals, template literals, string concatenation, jQuery/axios, setAttribute, arrow functions, classes, and regex fallback
Existing pkg/utils/jsluice_test.go tests pass against the new implementation
Full go test ./… passes with no failures
updated documentation

Pull request is created against the dev branch
All checks passed (lint, unit/integration/regression tests etc.) with my changes
I have added tests that prove my fix is effective or that my feature works
I have added necessary documentation (if appropriate)

fixes #1367 /claim #1367

New Features
- Added an AST-driven JavaScript URL extraction utility to detect endpoints more robustly.
Improvements
- Replaced prior JS parsing with AST analysis for improved accuracy and cross-platform parsing.
- Simplified build/install by removing forced CGO enablement.
Documentation
- Updated CLI flag text and installation instructions to reflect the new parsing approach.
Tests
- Expanded unit tests and benchmarks to cover many JS patterns and extraction scenarios.
Chores
- Reduced build-stage tooling in the container image.