oosexclude is a CLI tool that filters out out-of-scope subdomains from a list based on a predefined or custom exclude list.
Remove outofscope subdomains from https://github.com/rix4uni/scope/blob/main/data/outofscope.txt or a local outofscope.txt file.
This tool is primarily used by security professionals and penetration testers to automatically remove subdomains that are out of scope from their reconnaissance data, ensuring focus on relevant targets. It helps streamline vulnerability scanning and security assessments by excluding unwanted domains based on customizable patterns.
Ensure the exclude list patterns are kept up to date for accurate filtering. The tool relies on pattern matching with wildcards, so carefully crafting exclude rules is important to avoid unintentionally filtering in-scope subdomains. It integrates well into automated pipelines for reconnaissance and vulnerability scanning workflows.
Run `go install github.com/rix4uni/oosexclude@latest` to install via Go
Download prebuilt binaries from the GitHub releases page
Use `wget` to download the Linux binary tarball
Extract the tarball with `tar -xvzf`
Remove the tarball after extraction
Move the binary to your Go bin directory (`~/go/bin/oosexclude`)
Alternatively, clone the repo with `git clone --depth 1 github.com/rix4uni/oosexclude.git`
Change directory to the cloned repo and run `go install` to compile from sourcecat allsubs.txt | oosexclude
Filters subdomains from allsubs.txt using the default exclude list URL.
cat allsubs.txt | oosexclude -e outofscope.txt
Filters subdomains using a custom local exclude list file.
cat allsubs.txt | oosexclude -e https://example.com/custom_outofscope.txt
Filters subdomains using a custom exclude list from a specified URL.
oosexclude --verbose
Enables verbose mode to show which subdomains are ignored or not.
oosexclude -v
Prints the version of the tool and exits.