This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 41364758 | 0.002 | 51 |
| HTTPS Content Available via HTTP | beta | 1547527 | 0.007 | 19 |
| Proxy Disclosure | beta | 805146 | 0.026 | 35 |
| Cookie Slack Detector | beta | 714070 | 0.008 | 9 |
| CORS Header | beta | 616279 | 0 | 61 |
| SQL Injection | release | 426823 | 55.927 | 56 |
| Hidden File Found | release | 388489 | 0.19 | 34 |
| SOAP Action Spoofing | beta | 322795 | 0 | 4 |
| Directory Browsing | release | 310254 | 0 | 14 |
| Backup File Disclosure | beta | 256939 | 0.927 | 34 |
| GET for POST | release | 174998 | 0 | 5 |
| Insecure HTTP Method | beta | 111128 | 0.034 | 9 |
| .htaccess Information Leak | release | 98899 | 0 | 7 |
| Cross Site Scripting (Reflected) | release | 92273 | 0 | 32 |
| Path Traversal | release | 75174 | 0 | 96 |
| Format String Error | release | 74666 | 0.001 | 7 |
| SOAP XML Injection | beta | 74456 | 0.02 | 7 |
| HTTP Only Site | beta | 72408 | 0.005 | 1 |
| Trace.axd Information Leak | release | 59424 | 0 | 8 |
| .env Information Leak | release | 56747 | 0 | 7 |
| Buffer Overflow | release | 53101 | 0 | 6 |
| Relative Path Confusion | beta | 30766 | 0 | 19 |
| SQL Injection - SQLite | release | 30185 | 0.203 | 17 |
| Bypassing 403 | beta | 28165 | 0.206 | 11 |
| Source Code Disclosure - File Inclusion | beta | 27993 | 1.252 | 9 |
| Cross Site Scripting (DOM Based) | release | 20800 | 0 | 167 |
| NoSQL Injection - MongoDB | alpha | 16993 | 1.705 | 12 |
| Parameter Tampering | release | 16041 | 0 | 19 |
| XSLT Injection | release | 13451 | 0 | 29 |
| Integer Overflow Error | beta | 13068 | 0.024 | 16 |