This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
Alert | Status | Alert Count | False Positive % | Average Time in Secs |
---|---|---|---|---|
User Agent Fuzzer | release | 22804693 | 0.001 | 204 |
Cookie Slack Detector | beta | 485406 | 0.003 | 13 |
Proxy Disclosure | beta | 321989 | 0.002 | 74 |
Hidden File Found | release | 306295 | 0.005 | 69 |
CORS Header | beta | 253982 | 0 | 52 |
Backup File Disclosure | beta | 193358 | 1.138 | 40 |
Directory Browsing | release | 170320 | 0 | 25 |
SQL Injection | release | 133000 | 0.061 | 175 |
Insecure HTTP Method | beta | 125798 | 0 | 11 |
Cross Site Scripting (Reflected) | release | 106780 | 0.029 | 75 |
Relative Path Confusion | beta | 101982 | 0.002 | 10 |
.htaccess Information Leak | release | 62803 | 0 | 10 |
SQL Injection - SQLite | release | 61469 | 0.002 | 89 |
Anti-CSRF Tokens Check | beta | 59684 | 0 | 11 |
XSLT Injection | release | 58941 | 0 | 89 |
Path Traversal | release | 50130 | 0.366 | 298 |
Cloud Metadata Potentially Exposed | release | 40443 | 0 | 6 |
Buffer Overflow | release | 36886 | 0 | 20 |
Bypassing 403 | beta | 36848 | 0 | 24 |
HTTPS Content Available via HTTP | beta | 25976 | 0 | 9 |
GET for POST | release | 25391 | 0 | 5 |
Source Code Disclosure - File Inclusion | beta | 22896 | 0.475 | 19 |
Cross Site Scripting (DOM Based) | release | 22567 | 0 | 708 |
External Redirect | release | 22402 | 0.172 | 120 |
SQL Injection - MySQL | release | 22322 | 0 | 56 |
Remote File Inclusion | release | 17674 | 0 | 104 |
Format String Error | release | 17448 | 0.241 | 23 |
SQL Injection - Oracle | release | 17429 | 0 | 78 |
Cross-Domain Misconfiguration | beta | 13308 | 0 | 2 |
Remote OS Command Injection | release | 12701 | 0 | 170 |