Science and Education Publishing American Journal of Computing Research Repository 4 1 2016 2 17 A Hybrid Algorithm for Detecting Web Based Applications Vulnerabilities 15 20 EN Muiruri Chris Karumba School of Computing and Informatics, University of Nairobi, Nairobi, Kenya Samuel Ruhiu Christopher A. Moturi AJCRR2016413 10.12691/ajcrr-4-1-3 2015 9 21 2015 12 11 2016 2 15 Web vulnerability scanners (WVS) are tools for discovering vulnerabilities in a web application. However, they are not 100% accurate. In this paper we develop a hybrid algorithm for detecting web based applications vulnerabilities and compare its performance with other open source WVS. The comparison is based on three metrics namely time taken to scan, detection accuracy and consistency.