Managing Targets and Organizations in reNgine Cloud
Last updated April 8, 2026
Targets and organizations are the foundation of your reconnaissance workflow in reNgine Cloud. This guide covers how to set up projects, add targets, configure scope, and organize your work.
Projects and Organizations
Projects in reNgine are containers that group related targets. Use them to separate work by:
- Client — one project per client engagement.
- Environment — separate projects for production vs. staging assessments.
- Business unit — organize by team or department.
Creating a Project
- From the dashboard, click Add New Project.
- Enter a Project Name and optional Description.
- Click Create.
You can have as many projects as you need. Each project has its own targets, scan history, and results.
Adding Targets
Inside a project, click Add Target to define what reNgine will scan.
Supported Target Types
| Type | Example | What reNgine Does |
|---|---|---|
| Root domain | example.com |
Discovers all subdomains, then scans each |
| Subdomain | app.example.com |
Scans only this specific host |
| IP address | 203.0.113.10 |
Direct host scanning (port scan, services) |
| CIDR range | 203.0.113.0/24 |
Scans an entire network block |
Adding Multiple Targets
You can add multiple domains to a single target entry, one per line. This is useful for organizations with multiple root domains (e.g., example.com, example.io, example-staging.com).
Configuring Scope
Scope controls what reNgine is allowed to scan. Properly configured scope prevents accidental scanning of out-of-bounds assets.
In-Scope Rules
By default, all subdomains and IPs discovered under your target domain are in scope. You can narrow this by specifying explicit in-scope patterns.
Out-of-Scope Exclusions
Add out-of-scope entries to exclude specific hosts or paths:
*.internal.example.com— exclude all internal subdomains.203.0.113.50— exclude a specific IP./admin/*— exclude admin paths from directory fuzzing.
Important: Always configure out-of-scope rules before running your first scan. This prevents accidental scanning of production systems, third-party services, or assets outside your authorized scope.
Organizing Results
Filtering and Searching
All scan results (subdomains, endpoints, vulnerabilities, technologies) support:
- Text search — find specific hosts or keywords.
- Severity filter — show only critical/high vulnerabilities.
- Technology filter — find all hosts running a specific stack.
- Status code filter — find hosts returning specific HTTP codes.
Exporting Data
Export results from any view:
- CSV — for spreadsheets and data analysis.
- JSON — for integration with other tools.
- PDF Report — for stakeholder presentations.
Reports include all findings with timestamps, severity ratings, and remediation guidance (enhanced by AI if configured).
Best Practices
- One target per root domain — avoid overlapping targets that scan the same assets twice.
- Set scope before scanning — prevents accidental out-of-bounds reconnaissance.
- Use descriptive project names — makes it easy to find results months later.
- Archive completed projects — keep the dashboard clean while preserving historical data.
- Review results before re-scanning — check for false positives and adjust engine settings accordingly.
Troubleshooting
Target not resolving
Verify DNS resolution from the VM: docker exec -it web nslookup example.com. Check that the domain is not behind a firewall blocking the VM’s IP.
Scan discovers too many subdomains
This is normal for large organizations. Use scope exclusions to filter out irrelevant assets (e.g., *.cdn.example.com). Consider running a passive-only scan first to review the attack surface before launching an active scan.
Duplicate findings across scans reNgine deduplicates findings within a single scan but not across scans. Use the dashboard filters to compare results between scan runs.
Still need help? Open a ticket at support.hailbytes.com.