Active Scan Rule Stats Last Month

This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.

For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics

Alert Status Alert Count False Positive % Average Time in Secs
User Agent Fuzzer release 22804693 0.001 204
Cookie Slack Detector beta 485406 0.003 13
Proxy Disclosure beta 321989 0.002 74
Hidden File Found release 306295 0.005 69
CORS Header beta 253982 0 52
Backup File Disclosure beta 193358 1.138 40
Directory Browsing release 170320 0 25
SQL Injection release 133000 0.061 175
Insecure HTTP Method beta 125798 0 11
Cross Site Scripting (Reflected) release 106780 0.029 75
Relative Path Confusion beta 101982 0.002 10
.htaccess Information Leak release 62803 0 10
SQL Injection - SQLite release 61469 0.002 89
Anti-CSRF Tokens Check beta 59684 0 11
XSLT Injection release 58941 0 89
Path Traversal release 50130 0.366 298
Cloud Metadata Potentially Exposed release 40443 0 6
Buffer Overflow release 36886 0 20
Bypassing 403 beta 36848 0 24
HTTPS Content Available via HTTP beta 25976 0 9
GET for POST release 25391 0 5
Source Code Disclosure - File Inclusion beta 22896 0.475 19
Cross Site Scripting (DOM Based) release 22567 0 708
External Redirect release 22402 0.172 120
SQL Injection - MySQL release 22322 0 56
Remote File Inclusion release 17674 0 104
Format String Error release 17448 0.241 23
SQL Injection - Oracle release 17429 0 78
Cross-Domain Misconfiguration beta 13308 0 2
Remote OS Command Injection release 12701 0 170