SUMMARY
SQL Injection Attacks are a common threat for web-based applications that use insecure input validation to target database attacks. This becomes a very serious problem in web-based applications because successful execution causes loss of integrity and confidentiality and this makes it a very sensitive software security issue. This study presents a Systematic Literature Review (SLR) using PICOC Method on Preventing SQL Injection Attacks Using OWASP Tools. This study provides an overview of SQL Injection Attacks, detection, and prevention techniques. In the end, an evaluation of the effectiveness of detection and prevention using the OWASP CSR Web Application firewall was carried out. It should be noted that the OWASP Tools can also detect and prevent SQL Injection Attacks.