Active Scan Rule Stats Last Month

This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.

For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics

Alert Status Alert Count False Positive % Average Time in Secs
User Agent Fuzzer release 3467073 0 83
Cookie Slack Detector beta 901856 0 38
Anti-CSRF Tokens Check beta 620439 0 30
Insecure HTTP Method beta 413450 0.055 29
Hidden File Found release 411505 0.002 50
Proxy Disclosure beta 397601 0.025 90
Cross Site Scripting (DOM Based) release 395614 0 1606
Relative Path Confusion beta 357793 0.003 12
Directory Browsing release 165427 0 22
SQL Injection release 142694 0.505 90
Bypassing 403 beta 139542 0.003 63
Backup File Disclosure beta 125787 1.219 24
Cross Site Scripting (Reflected) release 107326 0.005 81
CORS Header beta 78039 0 102
Buffer Overflow release 62725 0 18
External Redirect release 55968 0.769 145
Format String Error release 52472 0.907 28
Path Traversal release 50224 0.157 169
HTTPS Content Available via HTTP beta 42013 0 4
.htaccess Information Leak release 38721 0 6
Integer Overflow Error beta 17378 0 26
Source Code Disclosure - File Inclusion beta 17104 0.011 18
HTTP Only Site beta 16866 0 13
SQL Injection - SQLite release 16014 0 14
Parameter Tampering release 14846 0 29
Advanced SQL Injection beta 13744 0 1973
Cloud Metadata Potentially Exposed release 11735 0 2
GET for POST release 11575 0 1
NoSQL Injection - MongoDB alpha 11556 0 14
XSLT Injection release 9934 0.022 60