File tree 2 files changed +45
-1
lines changed
2 files changed +45
-1
lines changed Original file line number Diff line number Diff line change 33Prototype tool for filtering URLs and domains supplied on stdin to make sure they meet one of a set of regular expressions.
44
55In theory this should be useful for filtering the output of other tools to only include items that are in scope for a bug bounty program.
6+
7+ ## Install
8+
9+ ```
10+ ▶ go get -u github.com/tomnomnom/hacks/inscope
11+ ```
12+
13+ ## Usage
14+
15+ Pipe URLs and/or domains into it on stdin:
16+
17+ ```
18+ ▶ cat testinput
19+ https://example.com/footle
20+ https://inscope.example.com/some/path?foo=bar
21+ https://outofscope.example.net/bar
22+ example.com
23+ example.net
24+
25+ ▶ cat testinput | inscope
26+ https://example.com/footle
27+ https://inscope.example.com/some/path?foo=bar
28+ example.com
29+ http://sub.example.com
30+ ```
31+
32+ ## Scope Files
33+
34+ The tool reads regexes from a file called ` .scope ` in the current working directory.
35+ If it doen't find one it recursively checks the parent directory until it hits the root.
36+
37+ Here's an example ` .scope ` file:
38+
39+ ```
40+ .*\.example\.com$
41+ ^example\.com$
42+ .*\.example\.net$
43+ !.*outofscope\.example\.net$
44+ ```
45+
46+ Each line is a regular expression to match domain names. When URLs are provided as input they
47+ are parsed and only the hostname/domain portion is checked against the regex.
48+
49+ Line starting with ` ! ` are treated as negative matches - i.e. any domain matching that regex will
50+ be considered out of scope even if it matches one of the other regexes.
Original file line number Diff line number Diff line change @@ -59,7 +59,6 @@ func newScopeChecker(r io.Reader) (*scopeChecker, error) {
5959
6060 isAnti := false
6161 if p [0 ] == '!' {
62- fmt .Println ("we have a negative" )
6362 isAnti = true
6463 p = p [1 :]
6564 }
You can’t perform that action at this time.
0 commit comments