This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 33303697 | 0.118 | 125 |
| Cookie Slack Detector | beta | 609010 | 0.003 | 43 |
| Proxy Disclosure | beta | 566483 | 0 | 61 |
| Hidden File Found | release | 374746 | 0.003 | 89 |
| Backup File Disclosure | beta | 305441 | 0.644 | 46 |
| SQL Injection - SQLite | release | 257332 | 0.002 | 65 |
| Anti-CSRF Tokens Check | beta | 228853 | 1.209 | 14 |
| SQL Injection | release | 203268 | 0.154 | 236 |
| CORS Header | beta | 177052 | 0.259 | 47 |
| XSLT Injection | release | 166994 | 0 | 91 |
| Directory Browsing | release | 143996 | 0 | 49 |
| .htaccess Information Leak | release | 134542 | 0 | 12 |
| Cross Site Scripting (Reflected) | release | 130501 | 0.004 | 101 |
| SQL Injection - Oracle | release | 113863 | 0 | 67 |
| Path Traversal | release | 94937 | 0.022 | 245 |
| SQL Injection - MySQL | release | 93782 | 0 | 70 |
| Buffer Overflow | release | 90161 | 0 | 18 |
| Insecure HTTP Method | beta | 89948 | 0 | 18 |
| Relative Path Confusion | beta | 75326 | 0 | 14 |
| SQL Injection - Hypersonic SQL | release | 69113 | 0 | 71 |
| HTTPS Content Available via HTTP | beta | 62272 | 0 | 8 |
| GET for POST | release | 56494 | 0 | 14 |
| SQL Injection - PostgreSQL | release | 56030 | 0 | 59 |
| Cloud Metadata Potentially Exposed | release | 53597 | 0.007 | 7 |
| Remote OS Command Injection | release | 52333 | 0 | 178 |
| Server Side Template Injection (Blind) | beta | 47419 | 0 | 53 |
| Bypassing 403 | beta | 40738 | 0 | 57 |
| Generic Padding Oracle | release | 37548 | 0.004 | 21 |
| Integer Overflow Error | beta | 35824 | 0 | 24 |
| Remote File Inclusion | release | 35188 | 0 | 128 |