This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 36658986 | 0.001 | 57 |
| SOAP Action Spoofing | beta | 1608986 | 0 | 3 |
| HTTPS Content Available via HTTP | beta | 1162280 | 0.001 | 15 |
| Proxy Disclosure | beta | 459515 | 0.041 | 27 |
| Cookie Slack Detector | beta | 453975 | 0.036 | 6 |
| CORS Header | beta | 419190 | 0 | 22 |
| SQL Injection | release | 357413 | 21.62 | 71 |
| Backup File Disclosure | beta | 341018 | 0.626 | 45 |
| SOAP XML Injection | beta | 324309 | 0 | 4 |
| Hidden File Found | release | 236966 | 0.185 | 17 |
| Directory Browsing | release | 170982 | 0.026 | 15 |
| Insecure HTTP Method | beta | 153570 | 0.037 | 6 |
| Cross Site Scripting (Reflected) | release | 131378 | 0 | 31 |
| HTTP Only Site | beta | 107754 | 0.002 | 1 |
| GET for POST | release | 101913 | 0.006 | 4 |
| Buffer Overflow | release | 86063 | 0.005 | 7 |
| Format String Error | release | 60046 | 0.022 | 10 |
| SQL Injection - SQLite | release | 54644 | 0.187 | 21 |
| Relative Path Confusion | beta | 46309 | 0.006 | 8 |
| Path Traversal | release | 45706 | 0.008 | 213 |
| Bypassing 403 | beta | 30161 | 0.184 | 12 |
| .htaccess Information Leak | release | 27892 | 0 | 6 |
| Parameter Tampering | release | 18284 | 0 | 21 |
| XSLT Injection | release | 18239 | 0 | 17 |
| Source Code Disclosure - File Inclusion | beta | 17501 | 1.847 | 8 |
| Advanced SQL Injection | beta | 15897 | 0 | 616 |
| Cross Site Scripting (DOM Based) | release | 15689 | 0 | 142 |
| .env Information Leak | release | 13764 | 0 | 6 |
| Trace.axd Information Leak | release | 12126 | 0 | 7 |
| Cloud Metadata Potentially Exposed | release | 12029 | 0.023 | 11 |