This page shows the statistics for the top 30 (by alert count) Active Scan rules last month. You can sort on any column - just click on the column headers.
For more details on what the stats mean see the blog post: Monthly Active Scan Rule Statistics
| Alert | Status | Alert Count | False Positive % | Average Time in Secs |
|---|---|---|---|---|
| User Agent Fuzzer | release | 50296012 | 0 | 47 |
| SOAP Action Spoofing | beta | 2041375 | 0 | 6 |
| HTTPS Content Available via HTTP | beta | 1497903 | 0 | 14 |
| Cookie Slack Detector | beta | 545153 | 0.033 | 6 |
| Proxy Disclosure | beta | 510581 | 0.067 | 29 |
| Hidden File Found | release | 460549 | 0.099 | 18 |
| SQL Injection | release | 410640 | 20.34 | -57 |
| SOAP XML Injection | beta | 379114 | 0 | 4 |
| CORS Header | beta | 369923 | 0 | 23 |
| Backup File Disclosure | beta | 291141 | 0.859 | 26 |
| Directory Browsing | release | 260921 | 0 | 14 |
| Insecure HTTP Method | beta | 222908 | 0.253 | 6 |
| GET for POST | release | 144020 | 0.004 | 4 |
| .htaccess Information Leak | release | 114071 | 0 | 7 |
| Buffer Overflow | release | 100317 | 0.039 | 8 |
| HTTP Only Site | beta | 93465 | 0.001 | 3 |
| Cross Site Scripting (Reflected) | release | 92408 | 0 | 35 |
| Path Traversal | release | 73488 | 0.008 | 152 |
| Trace.axd Information Leak | release | 67566 | 0 | 8 |
| Format String Error | release | 64453 | 0.052 | 8 |
| .env Information Leak | release | 63003 | 0 | 6 |
| SQL Injection - SQLite | release | 58062 | 0.279 | 14 |
| Bypassing 403 | beta | 41999 | 0.174 | 9 |
| Source Code Disclosure - File Inclusion | beta | 33871 | 1.095 | 5 |
| XSLT Injection | release | 31095 | 0 | 15 |
| Relative Path Confusion | beta | 28032 | 0 | 6 |
| Integer Overflow Error | beta | 21839 | 0.005 | 10 |
| Cross Site Scripting (DOM Based) | release | 21319 | 0 | 188 |
| Parameter Tampering | release | 20788 | 0 | 22 |
| External Redirect | release | 14238 | 0 | 43 |