Scopein only brings to you urls in scope, facilitating you recon process and avoiding scanning out of scope websites
Installing the tool ->
Using go
▶ go install github.com/ferreiraklet/scopein@latestUsing git clone
▶ git clone https://github.com/ferreiraklet/scopein.git
▶ cd scopein
▶ go build scopein.go
▶ chmod +x scopein
▶ ./scopein -hIn Your recon process, when doing subdomain recon & url recon, you may get urls that is not in the scope, such as: "bit.ly", "twitter.com", random urls or subdomains. Here comes scopein, he only shows in terminal in scope urls
scopein is very easy to use, follow the steps =>
Pay attention to the syntax!
cat urls | scopein -s "targetscope.com"
cat subdomains | scopein -s "targetscope.com|targetscope2.com"cat targets | scopein -b "outscope.com"
cat targets | scopein -b "outscope.com|outscope2.com"cat targets
---output---
https://google.com
https://redacted.com
https://example.com
https://twitter.com
cat scope
---output---
google.com
twitter.com
Print urls from in scope config file ->
cat targets | scopein -f scope
Print permitted urls from out of scope file
cat targets | scopein -bf scopeecho "http://testphp.vulnweb.com" | waybackurls | scopein -s "testphp.vulnweb.com"
echo "http://testphp.vulnweb.com" | waybackurls | scopein -b "twitter.com"
echo "http://testphp.vulnweb.com" | hakrawler | scopein -s "testphp.vulnweb.com"
echo "http://testphp.vulnweb.com" | gauplus -b svg,jpg,png,gif,pdf,js,css | scopein -f scopes
echo "http://testphp.vulnweb.com" | gau | scopein -bf scopesNilo - Checks if URL has status 200
Jeeves - Time based blind Injection Scanner
Airixss - XSS Reflected recon
If any error in the program, talk to me immediatly.
Contact:
Discord: ferreira#9313 Twitter: ferreiraklet