Active Scan Rule Stats Last Month

This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.

For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics

Alert Status Alert Count False Positive % Average Time in Secs
User Agent Fuzzer release 49582480 0 46
HTTPS Content Available via HTTP beta 1156332 0.001 13
SOAP Action Spoofing beta 859269 0 6
Proxy Disclosure beta 677399 0.003 30
Cookie Slack Detector beta 579193 0.002 7
SQL Injection release 493941 38.146 56
Hidden File Found release 455220 0.132 36
CORS Header beta 286984 0 25
Backup File Disclosure beta 262495 0.368 31
Insecure HTTP Method beta 224872 0 7
Directory Browsing release 194616 0 16
SOAP XML Injection beta 173606 0.004 4
GET for POST release 139059 0 4
Cross Site Scripting (Reflected) release 94523 0 26
.htaccess Information Leak release 91973 0 5
Format String Error release 75528 0.01 8
HTTP Only Site beta 65548 0.008 1
Path Traversal release 59676 0 68
Buffer Overflow release 56962 0 7
Trace.axd Information Leak release 55978 0 6
.env Information Leak release 53638 0 5
Integer Overflow Error beta 49934 0.003 11
Relative Path Confusion beta 45846 0 6
SQL Injection - SQLite release 33896 0.005 12
Bypassing 403 beta 30820 0.17 9
Source Code Disclosure - File Inclusion beta 27887 1.087 6
Spring4Shell release 16596 0.108 14
Cross Site Scripting (Persistent) release 14714 0 5
Cross Site Scripting (DOM Based) release 12763 0 181
External Redirect release 12292 0 36