Along with all ways the Web makes it easier to transmit information and increase the productivity of everyday activities in the modern world, due to misuse of the different stakeholders, it also introduces numerous dangers and risks for all its users. Attackers use the Web to inject malicious HTML JavaScript code which they use to directly or indirectly obtain certain profits. Timely detection of such Web pages is crucial to protect everyone who accesses the Web while keeping all advantages brought by the Web technology. The detection of the injected JavaScript and HTML fragments is not trivial and there are plenty of suggested methods trying to fix this problem. The purpose of each of the suggested algorithms is to find the maximum number of malicious websites with the minimum number of false-positive detections in the minimal execution time and the maximum efficiency. The selected ways of injected malicious HTML and JavaScript elements in the Web pages will be explained and implemented. The methods the thesis will cover will use exclusively HTML of the Web page and won't have the possibility to access the Web application source code. There is no effective algorithm of malicious webpages detection that is completely reliable and accurate, but each of them has a certain rate of false-positive results and misses the detection of a certain number of malicious websites. On the other hand, the classic approach to detecting the websites using high-interactivity test devices and manual examination by the security experts results in a much greater check duration for each of the Web pages. The described algorithms introduce the compromise between the execution speed or effectiveness and the reliability or the number of misses attacked and false-positive detections. The algorithm based on the associative classification (CBA) has high accuracy with a very low false-positive rate and false-negative rate. The performance of this algorithm has been compared with the well-known classification algorithms, including support vector machine (SVM), naive Bayes, and logistic regression. The analysis shows that the CBA method is better than the naive Bayes with its high precision, while the logistic regression and SVM have a high false-negative rate compared to the false-negative rate of the CBA algorithm. CBA reaches high effectiveness compared to the classificators of the well-known algorithms and it also enables an easy interpretation of the results that help the security analysts and end-users to more easily understand the evolution of the malicious URLs. The experiment results using the static heuristics algorithm give a malicious webpages rate of 6.83%, so it is possible to include that the majority of detection in this experiment is false, which can be partially reduced by introducing certain optimizations. The experiment results using the algorithm based on the scoring mechanism give a malicious webpages rate of 11.34%. It can be concluded that the false positive rate of this algorithm is relatively high with a smaller possibility of optimization than for the static heuristics. This algorithm won't make a binary classification of the webpages as malicious or benign, but it will mark them as potentially malicious and forward them to the proper detection devices or security experts for manual analysis that make up the second component of the hybrid website malice testing system along with this algorithm. Static heuristics algorithm and the algorithm based on the scoring mechanism cannot be used as reliable tools for malice detection without the extra checks, because they have a relatively high false-positive rate so their results should be forwarded to more reliable algorithms and mechanisms that will make the final decision. There is a certain correlation between the detections of the static heuristics algorithm and the algorithm based on the scoring mechanism, which means that a certain number of Web pages that have been classified as malicious by the static heuristics algorithm will also be classified as malicious by the algorithm based on the scoring mechanism. The malicious webpages rate obtained by the yara rules algorithms analysis is 7.27%. The algorithm based on yara rules has a lower false detection rate in general and can be considered a better algorithm. The algorithm based on yara rules is more reliable than the other two algorithms in general because it has a low false-positive results rate, it can detect specific malicious samples and be more easily customized for new types of attacks compared and provide a more accurate diagnosis compared to the other two algorithms. Still, the algorithm based on yara rules has the weaknesses of all signature-based algorithms, and that is a certain false-negative rate due to the possibility that yara rules fail to detect the altered malicious code fragments that still have the same functionality even after their alteration.