This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 38308341 | 0.038 | 65 |
| SOAP Action Spoofing | beta | 681401 | 0 | 13 |
| Hidden File Found | release | 647555 | 0.037 | 19 |
| Cookie Slack Detector | beta | 640941 | 0.02 | 16 |
| Proxy Disclosure | beta | 605297 | 0.116 | 37 |
| CORS Header | beta | 531943 | 0.017 | 25 |
| Backup File Disclosure | beta | 300422 | 0.748 | 41 |
| SQL Injection | release | 282410 | 20.936 | 68 |
| Directory Browsing | release | 232800 | 0 | 16 |
| XSLT Injection | release | 219711 | 0.026 | 51 |
| GET for POST | release | 189101 | 0.002 | 7 |
| SOAP XML Injection | beta | 156293 | 0.001 | 8 |
| SQL Injection - SQLite | release | 151895 | 0.069 | 28 |
| Insecure HTTP Method | beta | 131157 | 0.017 | 7 |
| Cross Site Scripting (Reflected) | release | 85013 | 0.001 | 32 |
| Buffer Overflow | release | 69558 | 0 | 6 |
| Path Traversal | release | 68092 | 0.005 | 116 |
| HTTPS Content Available via HTTP | beta | 68087 | 0 | 14 |
| Relative Path Confusion | beta | 59978 | 0 | 12 |
| Bypassing 403 | beta | 37493 | 0.077 | 11 |
| SQL Injection - Oracle | release | 31693 | 0.109 | 21 |
| Integer Overflow Error | beta | 31354 | 0.001 | 13 |
| Cross Site Scripting (Persistent) | release | 25673 | 0.01 | 6 |
| .htaccess Information Leak | release | 25137 | 0 | 8 |
| Format String Error | release | 23988 | 0.07 | 36 |
| Parameter Tampering | release | 22617 | 0 | 24 |
| Source Code Disclosure - File Inclusion | beta | 21210 | 2.923 | 4 |
| .env Information Leak | release | 19616 | 0 | 9 |
| Advanced SQL Injection | beta | 16258 | 0.02 | 747 |
| Cloud Metadata Potentially Exposed | release | 15738 | 0.306 | 6 |