This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 44050391 | 0.038 | 79 |
| Hidden File Found | release | 721906 | 0.023 | 30 |
| Cookie Slack Detector | beta | 704951 | 0.016 | 10 |
| Proxy Disclosure | beta | 690248 | 0.084 | 39 |
| Backup File Disclosure | beta | 327995 | 0.54 | 46 |
| SQL Injection | release | 274885 | 9.153 | 78 |
| GET for POST | release | 249659 | 0.001 | 11 |
| CORS Header | beta | 233858 | 0.014 | 43 |
| Directory Browsing | release | 196447 | 0 | 15 |
| SQL Injection - SQLite | release | 149649 | 0.76 | 29 |
| Insecure HTTP Method | beta | 148974 | 0.896 | 8 |
| XSLT Injection | release | 99200 | 0.01 | 48 |
| Cross Site Scripting (Reflected) | release | 89210 | 0.056 | 118 |
| Path Traversal | release | 59545 | 0.019 | 103 |
| SOAP Action Spoofing | beta | 55827 | 0 | 10 |
| Buffer Overflow | release | 46287 | 0.041 | 7 |
| Bypassing 403 | beta | 45970 | 0.138 | 14 |
| SQL Injection - Oracle | release | 41347 | 0.083 | 21 |
| Source Code Disclosure - File Inclusion | beta | 38646 | 0.148 | 9 |
| Relative Path Confusion | beta | 36359 | 0 | 8 |
| Format String Error | release | 34498 | 0.052 | 9 |
| .htaccess Information Leak | release | 31966 | 0.004 | 9 |
| HTTPS Content Available via HTTP | beta | 28090 | 0 | 9 |
| .env Information Leak | release | 25542 | 0.005 | 9 |
| Anti-CSRF Tokens Check | beta | 23597 | 0.005 | 6 |
| Parameter Tampering | release | 19168 | 0.004 | 22 |
| Cross Site Scripting (DOM Based) | release | 17379 | 0 | 171 |
| Trace.axd Information Leak | release | 16938 | 0.008 | 10 |
| SOAP XML Injection | beta | 15030 | 0 | 13 |
| Cloud Metadata Potentially Exposed | release | 11528 | 0.163 | 12 |