Excluding URLs From Being Scanned

in some situations specific urls need to be excluded from dast scans this can include areas of the application which are out of scope, such as documentation endpoints, or in larger applications this may be necessary because the dast scans need to be segmented by specific application areas for example testing the main site vs an admin sub section of the site the excludeurlsfile parameter can be used to point to a text file containing a single url per line to exclude the urls may be exact matches , simple wildcard matches , or basic regex example file https //my site com/blog https //my site com/about/ ^https //my site com/wp content/ +$ pass the excludeurlsfile=\<exclude urls file> txt parameter and ensure that the file exists in the mapped local directory ( c \local path in this case) docker run v c \local path /zap/wrk/\ rw it rm soosio/dast clientid=\<soos client id> apikey="\<soos apikey>" projectname="\<project name>" excludeurlsfile=exclude urls txt scanmode=baseline https //url to test