This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 49582480 | 0 | 46 |
| HTTPS Content Available via HTTP | beta | 1156332 | 0.001 | 13 |
| SOAP Action Spoofing | beta | 859269 | 0 | 6 |
| Proxy Disclosure | beta | 677399 | 0.003 | 30 |
| Cookie Slack Detector | beta | 579193 | 0.002 | 7 |
| SQL Injection | release | 493941 | 38.146 | 56 |
| Hidden File Found | release | 455220 | 0.132 | 36 |
| CORS Header | beta | 286984 | 0 | 25 |
| Backup File Disclosure | beta | 262495 | 0.368 | 31 |
| Insecure HTTP Method | beta | 224872 | 0 | 7 |
| Directory Browsing | release | 194616 | 0 | 16 |
| SOAP XML Injection | beta | 173606 | 0.004 | 4 |
| GET for POST | release | 139059 | 0 | 4 |
| Cross Site Scripting (Reflected) | release | 94523 | 0 | 26 |
| .htaccess Information Leak | release | 91973 | 0 | 5 |
| Format String Error | release | 75528 | 0.01 | 8 |
| HTTP Only Site | beta | 65548 | 0.008 | 1 |
| Path Traversal | release | 59676 | 0 | 68 |
| Buffer Overflow | release | 56962 | 0 | 7 |
| Trace.axd Information Leak | release | 55978 | 0 | 6 |
| .env Information Leak | release | 53638 | 0 | 5 |
| Integer Overflow Error | beta | 49934 | 0.003 | 11 |
| Relative Path Confusion | beta | 45846 | 0 | 6 |
| SQL Injection - SQLite | release | 33896 | 0.005 | 12 |
| Bypassing 403 | beta | 30820 | 0.17 | 9 |
| Source Code Disclosure - File Inclusion | beta | 27887 | 1.087 | 6 |
| Spring4Shell | release | 16596 | 0.108 | 14 |
| Cross Site Scripting (Persistent) | release | 14714 | 0 | 5 |
| Cross Site Scripting (DOM Based) | release | 12763 | 0 | 181 |
| External Redirect | release | 12292 | 0 | 36 |