bug: Unwanted subdomain scan

[UG9sdA]

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

I have a list of subdomains that I want to scan and only those subdomains. But when I import the subdomains and scan it, reNgine automatically scan for other subdomains as well. I have tried disable subdomain scanning in the scan engine config but that didn't work. I have tried adding the regex rule for subdomain exclusion (something like ^(?:subdoman_prefix_1|subdomain_prefix_2)$(*SKIP)(*FAIL)|.+ ) to whitelist out my wanted subdomain but it didn't work either.

Expected Behavior

reNgine only scan the imported subdomains if there are any.

Steps To Reproduce

1. Add a new domain
2. Initiate a scan
3. Choose scan engine
4. Import subdomain and exclusion list
5. Start scanning
6. Wait a bit and the amount of subdomain found will rise

Environment

- reNgine: 2.2.0
- OS: Ubuntu 24.04
- Python: python 3.12.3
- Docker Engine: 27.5.1
- Docker Compose: 1.29.2
- Browser: Firefox

Anything else?

No response

[github-actions]

Hey @UG9sdA! 👋 Thanks for flagging this bug! 🐛🔍

You're our superhero bug hunter! 🦸‍♂️🦸‍♀️ Before we suit up to squash this bug, could you please:

📚 Double-check our documentation: https://rengine.wiki
🕵️ Make sure it's not a known issue
📝 Provide all the juicy details about this sneaky bug

Once again - thanks for your vigilance! 🛠️🚀