eng Science and Education Publishing American Journal of Computing Research Repository 2016-02-17 4 1 15 20 10.12691/ajcrr-4-1-3 AJCRR2016413 article Muiruri Chris Karumba chrismuiruri@yahoo.co.uk 1 Samuel Ruhiu 1 Christopher A. Moturi 1 School of Computing and Informatics, University of Nairobi, Nairobi, Kenya Web vulnerability scanners (WVS) are tools for discovering vulnerabilities in a web application. However, they are not 100% accurate. In this paper we develop a hybrid algorithm for detecting web based applications vulnerabilities and compare its performance with other open source WVS. The comparison is based on three metrics namely time taken to scan, detection accuracy and consistency. http://pubs.sciepub.com/ajcrr/4/1/3/ajcrr-4-1-3.pdf web vulnerability scanners open source algorithm web based applications