This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 44429269 | 0.002 | 247 |
| HTTPS Content Available via HTTP | beta | 2424190 | 0 | 17 |
| Proxy Disclosure | beta | 660160 | 0.052 | 25 |
| Cookie Slack Detector | beta | 604092 | 0.04 | 7 |
| SOAP Action Spoofing | beta | 517443 | 0 | 4 |
| SQL Injection | release | 431526 | 35.427 | 68 |
| Hidden File Found | release | 400742 | 0.067 | 20 |
| CORS Header | beta | 256283 | 0 | 18 |
| Directory Browsing | release | 248562 | 0 | 18 |
| GET for POST | release | 176538 | 0 | 7 |
| Backup File Disclosure | beta | 147213 | 1.333 | 28 |
| Insecure HTTP Method | beta | 131341 | 0.577 | 6 |
| SOAP XML Injection | beta | 128903 | 0 | 3 |
| .htaccess Information Leak | release | 108339 | 0 | 8 |
| Format String Error | release | 75459 | 0.019 | 8 |
| Buffer Overflow | release | 68186 | 0.04 | 7 |
| Trace.axd Information Leak | release | 67898 | 0 | 10 |
| Cross Site Scripting (Reflected) | release | 66792 | 0.002 | 31 |
| Relative Path Confusion | beta | 59465 | 0 | 6 |
| HTTP Only Site | beta | 59300 | 0.006 | 1 |
| .env Information Leak | release | 58312 | 0 | 8 |
| Path Traversal | release | 57590 | 0.008 | 125 |
| SQL Injection - SQLite | release | 42652 | 0.636 | 14 |
| Parameter Tampering | release | 30052 | 0 | 24 |
| Bypassing 403 | beta | 26497 | 0.212 | 8 |
| Cross Site Scripting (DOM Based) | release | 20416 | 0 | 217 |
| Anti-CSRF Tokens Check | beta | 18459 | 0.044 | 4 |
| Integer Overflow Error | beta | 14404 | 0.001 | 9 |
| Source Code Disclosure - File Inclusion | beta | 13523 | 2.43 | 4 |
| NoSQL Injection - MongoDB | alpha | 13434 | 1.91 | 11 |