This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 3467073 | 0 | 83 |
| Cookie Slack Detector | beta | 901856 | 0 | 38 |
| Anti-CSRF Tokens Check | beta | 620439 | 0 | 30 |
| Insecure HTTP Method | beta | 413450 | 0.055 | 29 |
| Hidden File Found | release | 411505 | 0.002 | 50 |
| Proxy Disclosure | beta | 397601 | 0.025 | 90 |
| Cross Site Scripting (DOM Based) | release | 395614 | 0 | 1606 |
| Relative Path Confusion | beta | 357793 | 0.003 | 12 |
| Directory Browsing | release | 165427 | 0 | 22 |
| SQL Injection | release | 142694 | 0.505 | 90 |
| Bypassing 403 | beta | 139542 | 0.003 | 63 |
| Backup File Disclosure | beta | 125787 | 1.219 | 24 |
| Cross Site Scripting (Reflected) | release | 107326 | 0.005 | 81 |
| CORS Header | beta | 78039 | 0 | 102 |
| Buffer Overflow | release | 62725 | 0 | 18 |
| External Redirect | release | 55968 | 0.769 | 145 |
| Format String Error | release | 52472 | 0.907 | 28 |
| Path Traversal | release | 50224 | 0.157 | 169 |
| HTTPS Content Available via HTTP | beta | 42013 | 0 | 4 |
| .htaccess Information Leak | release | 38721 | 0 | 6 |
| Integer Overflow Error | beta | 17378 | 0 | 26 |
| Source Code Disclosure - File Inclusion | beta | 17104 | 0.011 | 18 |
| HTTP Only Site | beta | 16866 | 0 | 13 |
| SQL Injection - SQLite | release | 16014 | 0 | 14 |
| Parameter Tampering | release | 14846 | 0 | 29 |
| Advanced SQL Injection | beta | 13744 | 0 | 1973 |
| Cloud Metadata Potentially Exposed | release | 11735 | 0 | 2 |
| GET for POST | release | 11575 | 0 | 1 |
| NoSQL Injection - MongoDB | alpha | 11556 | 0 | 14 |
| XSLT Injection | release | 9934 | 0.022 | 60 |