diff --git a/README.md b/README.md
index c300116..354df40 100644
--- a/README.md
+++ b/README.md
@@ -54,6 +54,7 @@ The basic command to run a baseline scan would look like:
 | `--commitHash` | | The commit hash value from the SCM System |
 | `--contextFile` | | Context file which will be loaded prior to scanning the target |
 | `--debug` | | Enable debug logging for ZAP. |
+| `--excludeUrlsFile` | | Path to a file containing regex URLs to exclude, one per line. eg `--excludeUrlsFile=exclude_urls.txt` | `--disableRules` | | Comma separated list of ZAP rules IDs to disable. List for reference https://www.zaproxy.org/docs/alerts/ |
 | `--fullScanMinutes` | | Number of minutes for the spider to run |
 | `--logLevel` | | Minimum level to show logs: DEBUG INFO, WARN, FAIL, ERROR. |
diff --git a/package-lock.json b/package-lock.json
index 07f5e82..399c65d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
 "name": "soos-dast",
- "version": "2.0.20",
+ "version": "2.0.21",
 "lockfileVersion": 3,
 "requires": true,
 "packages": {
 "": {
 "name": "soos-dast",
- "version": "2.0.20",
+ "version": "2.0.21",
 "license": "MIT",
 "dependencies": {
 "@soos-io/api-client": "0.2.35",
diff --git a/package.json b/package.json
index 13a27a5..1f11e7d 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "soos-dast",
- "version": "2.0.20",
+ "version": "2.0.21",
 "description": "SOOS DAST - The affordable no limit web vulnerability scanner",
 "main": "index.js",
 "scripts": {
diff --git a/src/index.ts b/src/index.ts
index 1c6c2eb..a935cea 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -45,6 +45,7 @@ export interface SOOSDASTAnalysisArgs extends IBaseScanArguments {
 contextFile: string;
 debug: boolean;
 disableRules: string;
+ excludeUrlsFile: string;
 fullScanMinutes: number;
 oauthParameters: string;
 oauthTokenUrl: string;
@@ -183,6 +184,11 @@ class SOOSDASTAnalysis {
 nargs: "*",
 });
 
+ analysisArgumentParser.argumentParser.add_argument("--excludeUrlsFile", {
+ help: "Path to a file containing regex URLs to exclude, one per line.",
+ required: false,
+ });
+
 analysisArgumentParser.argumentParser.add_argument("--fullScanMinutes", {
 help: "Number of minutes for the spider to run.",
 required: false,
diff --git a/src/utilities/ZAPCommandGenerator.ts b/src/utilities/ZAPCommandGenerator.ts
index 8dfa4ea..6ae1364 100644
--- a/src/utilities/ZAPCommandGenerator.ts
+++ b/src/utilities/ZAPCommandGenerator.ts
@@ -55,6 +55,7 @@ export class ZAPCommandGenerator {
 this.addEnvironmentVariable("CUSTOM_COOKIES", this.config.requestCookies);
 this.addEnvironmentVariable("CUSTOM_HEADER", this.config.requestHeaders);
 this.addEnvironmentVariable("DISABLE_RULES", this.config.disableRules);
+ this.addEnvironmentVariable("EXCLUDE_URLS_FILE", this.config.excludeUrlsFile);
 this.addEnvironmentVariable("OAUTH_PARAMETERS", this.config.oauthParameters);
 this.addEnvironmentVariable("OAUTH_TOKEN_URL", this.config.oauthTokenUrl);
 if (this.config.debug) this.addEnvironmentVariable("DEBUG_MODE", this.config.debug);
diff --git a/src/zap_hooks/helpers/configuration.py b/src/zap_hooks/helpers/configuration.py
index 64d8afb..97a243f 100644
--- a/src/zap_hooks/helpers/configuration.py
+++ b/src/zap_hooks/helpers/configuration.py
@@ -37,6 +37,7 @@ class DASTConfig:
 oauth_parameters: Optional[str] = None
 disable_rules: Optional[str] = None
 debug_mode: Optional[bool] = False
+ exclude_urls_file: Optional[str] = None
 
 def __init__(self):
 self.extra_zap_params = None
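Review bot: The help text for `--excludeUrlsFile` says "Path to a file", but the hook that consumes it (soos_zap_hook.py in this same commit) opens `f"wrk/{config.exclude_urls_file}"`, so the value is a file name resolved relative to the `wrk` directory, and an absolute host path or a path with directories would be looked up under `wrk/` and fail. The help string should say what the user must actually pass, e.g. `help: "Name of a file in the scan working directory containing regex URLs to exclude, one per line.",`. The README row added in this commit has the same wording and would benefit from the same correction. The enclosing argument-registration method starts and ends outside the hunk.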
@@ -73,6 +74,7 @@ def load_config(self, extra_zap_params):
 self.oauth_parameters = self._get_hook_param_list(os.environ.get('OAUTH_PARAMETERS')) or EMPTY_STRING
 self.disable_rules = self._get_hook_param_list(os.environ.get('DISABLE_RULES')) or None
 self.debug_mode = os.environ.get('DEBUG_MODE') or False
+ self.exclude_urls_file = os.environ.get('EXCLUDE_URLS_FILE') or None
 except Exception as error:
 log(f"error in start_docker_zap: {traceback.print_exc()}", log_level=LogLevel.ERROR)
diff --git a/src/zap_hooks/soos_zap_hook.py b/src/zap_hooks/soos_zap_hook.py
index abd2352..5e02f1d 100644
--- a/src/zap_hooks/soos_zap_hook.py
+++ b/src/zap_hooks/soos_zap_hook.py
@@ -53,6 +53,14 @@ def zap_started(zap, target):
 serialize_and_save(zap.core, 'wrk/core_data_started.json')
 serialize_and_save(zap.pscan, 'wrk/pscan_data_started.json')
 serialize_and_save(zap.context, 'wrk/context_data_started.json')
 
+ if config.exclude_urls_file:
+ exclude_urls_file_path = f"wrk/{config.exclude_urls_file}"
+ with open(exclude_urls_file_path) as f:
+ for line in f:
+ url = line.strip()
+ log(f"Excluding url on spider: {url}")
+ zap.spider.exclude_from_scan(url)
+
 except Exception:
 exit_app(f"error in zap_started: {traceback.print_exc()}")
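Review bot: The loop in `zap_started` passes every stripped line to `zap.spider.exclude_from_scan`, including blank lines (a trailing newline at end of file is the common case), so an empty string is registered as an exclusion regex; an empty regex matches any string, and if ZAP applies it as a pattern that would exclude every URL from the spider, silently turning the scan into a no-op. Skip empty lines before registering: `if not url:` / `continue` ahead of the `log(...)` call. It is also worth noting that the file is opened with the platform default encoding; `open(exclude_urls_file_path, encoding="utf-8")` makes the behaviour deterministic across containers. A missing or misnamed file raises inside the existing `except Exception` and ends in `exit_app`, which at least fails loudly; `zap_started` starts before and ends after this hunk.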