This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 41693396 | 0.032 | 79 |
| CORS Header | beta | 729926 | 0.001 | 17 |
| Cookie Slack Detector | beta | 583841 | 0.039 | 6 |
| Hidden File Found | release | 529206 | 0.022 | 20 |
| Proxy Disclosure | beta | 507679 | 0.108 | 45 |
| SQL Injection | release | 304281 | 14.326 | 65 |
| Directory Browsing | release | 227763 | 0 | 15 |
| Backup File Disclosure | beta | 203372 | 1.097 | 26 |
| GET for POST | release | 198982 | 0.008 | 7 |
| XSLT Injection | release | 149472 | 0.076 | 39 |
| SQL Injection - SQLite | release | 141396 | 0.091 | 36 |
| Cross Site Scripting (Reflected) | release | 69607 | 0.001 | 38 |
| Insecure HTTP Method | beta | 62011 | 0.033 | 4 |
| Path Traversal | release | 61176 | 0.007 | 132 |
| Relative Path Confusion | beta | 55040 | 0 | 5 |
| HTTPS Content Available via HTTP | beta | 50184 | 0 | 13 |
| SOAP Action Spoofing | beta | 47269 | 0 | 6 |
| Bypassing 403 | beta | 44691 | 0.128 | 9 |
| Source Code Disclosure - File Inclusion | beta | 43782 | 0.609 | 4 |
| .htaccess Information Leak | release | 37031 | 0 | 9 |
| Buffer Overflow | release | 31171 | 0 | 6 |
| .env Information Leak | release | 28326 | 0 | 9 |
| Format String Error | release | 27364 | 0.064 | 9 |
| Cloud Metadata Potentially Exposed | release | 18279 | 0.239 | 9 |
| Trace.axd Information Leak | release | 17967 | 0 | 12 |
| Parameter Tampering | release | 17632 | 0 | 22 |
| Cross Site Scripting (DOM Based) | release | 15903 | 0 | 309 |
| Spring4Shell | release | 11920 | 0.051 | 24 |
| Integer Overflow Error | beta | 10361 | 0.001 | 6 |
| Cross Site Scripting (Persistent) | release | 9779 | 0.089 | 7 |