This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 34724812 | 0.011 | 68 |
| SOAP Action Spoofing | beta | 4476688 | 0 | 6 |
| Proxy Disclosure | beta | 744178 | 0.069 | 38 |
| CORS Header | beta | 615766 | 0 | 16 |
| Hidden File Found | release | 503866 | 0.057 | 17 |
| HTTPS Content Available via HTTP | beta | 469890 | 0.001 | 16 |
| Cookie Slack Detector | beta | 392338 | 0.042 | 17 |
| Backup File Disclosure | beta | 336300 | 0.651 | 63 |
| SQL Injection | release | 297388 | 7.8 | 69 |
| GET for POST | release | 165794 | 0 | 7 |
| Directory Browsing | release | 155498 | 0 | 19 |
| SQL Injection - SQLite | release | 115601 | 0.072 | 29 |
| Cross Site Scripting (Reflected) | release | 105466 | 0 | 36 |
| Buffer Overflow | release | 90774 | 0 | 7 |
| SOAP XML Injection | beta | 72551 | 0.003 | 4 |
| Insecure HTTP Method | beta | 52570 | 0.188 | 5 |
| Path Traversal | release | 48445 | 0.014 | 103 |
| .htaccess Information Leak | release | 40760 | 0 | 9 |
| .env Information Leak | release | 37718 | 0 | 8 |
| Format String Error | release | 31008 | 0.052 | 10 |
| Relative Path Confusion | beta | 29529 | 0 | 6 |
| XSLT Injection | release | 24973 | 0 | 32 |
| Bypassing 403 | beta | 24925 | 0.19 | 9 |
| Source Code Disclosure - File Inclusion | beta | 21548 | 1.22 | 5 |
| Cross Site Scripting (DOM Based) | release | 15276 | 0.005 | 223 |
| Cross Site Scripting (Persistent) | release | 15212 | 0.021 | 7 |
| HTTP Only Site | beta | 13657 | 0.007 | 1 |
| Integer Overflow Error | beta | 11962 | 0.007 | 7 |
| External Redirect | release | 10645 | 0 | 59 |
| Cloud Metadata Potentially Exposed | release | 10068 | 0.031 | 8 |