# 🚫 masscan-exclude: Exclude Unwanted IP Ranges from Masscan Scans ## πŸ“˜ Overview The `exclude.sh` script is designed to help you exclude specific IP ranges from your Masscan scans. The `exclude.conf` file is designed to help you exclude specific IP ranges from your Masscan scans. `masscan 0.0.0.0/0 -p0-65535 --excludefile exclude.conf` Excluded ranges: - πŸ”’ Private IPs - 🌐 Reserved IPs - πŸ•ΈοΈ Bogon IPs - 🌍 Root DNS servers - πŸ›οΈ Government and law enforcement IPs By filtering out these ranges, you can focus your scans on more relevant targets and avoid unnecessary traffic to sensitive or internal networks. ## βš™οΈ Prerequisites Before running the script `exclude.sh`, ensure you have the following installed: - βœ… `ipset` – for managing IP sets - βœ… `iptables` – for configuring firewall rules - βœ… `curl` – for fetching the exclusion list ## πŸ› οΈ Installation & Usage 1. **Clone the Repository:** ```bash git clone https://github.com/scriptzteam/masscan-exclude.git cd masscan-exclude 2. **Run the Script:** ```./exclude.sh``` This will: ``` Download the latest exclude.conf file. Flush and recreate the masscan-exclude IP set. Populate the set with IPs to exclude. Update iptables rules to drop incoming and outgoing traffic to/from these IPs. ```