This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 43099843 | 0.066 | 109 |
| Cookie Slack Detector | beta | 516759 | 0.051 | 18 |
| Hidden File Found | release | 507662 | 0.028 | 61 |
| Proxy Disclosure | beta | 473716 | 0.016 | 44 |
| SQL Injection | release | 230133 | 0.327 | 115 |
| .htaccess Information Leak | release | 213790 | 0.003 | 11 |
| Backup File Disclosure | beta | 213406 | 0.755 | 51 |
| CORS Header | beta | 207599 | 0 | 38 |
| Directory Browsing | release | 205175 | 0 | 23 |
| SOAP Action Spoofing | beta | 205030 | 0 | 14 |
| Insecure HTTP Method | beta | 181965 | 0 | 13 |
| SQL Injection - SQLite | release | 180105 | 0.02 | 44 |
| Anti-CSRF Tokens Check | beta | 167638 | 1.696 | 16 |
| XSLT Injection | release | 131068 | 0.448 | 73 |
| GET for POST | release | 121543 | 0 | 13 |
| Cross Site Scripting (Reflected) | release | 115766 | 0.002 | 52 |
| Buffer Overflow | release | 89998 | 0 | 32 |
| Path Traversal | release | 83979 | 0.021 | 164 |
| Cloud Metadata Potentially Exposed | release | 61155 | 0.009 | 8 |
| .env Information Leak | release | 58622 | 0.013 | 13 |
| Trace.axd Information Leak | release | 55805 | 0.006 | 13 |
| SQL Injection - Oracle | release | 54248 | 0.048 | 36 |
| HTTPS Content Available via HTTP | beta | 47066 | 0 | 18 |
| Relative Path Confusion | beta | 37994 | 0 | 17 |
| Bypassing 403 | beta | 32192 | 0.275 | 15 |
| Server Side Template Injection | beta | 29226 | 0 | 73 |
| Format String Error | release | 26568 | 0.15 | 33 |
| Source Code Disclosure - File Inclusion | beta | 21475 | 0.041 | 11 |
| Spring4Shell | beta | 14307 | 0.017 | 38 |
| Parameter Tampering | release | 12556 | 0 | 34 |