SQL Injection Attacks are a common threat for web-based applications that use insecure input validation to target database attacks. This becomes a very serious problem in web-based applications because successful execution causes loss of integrity and confidentiality and this makes it a very sensitive software security issue. This study presents a Systematic Literature Review (SLR) using PICOC Method on Preventing SQL Injection Attacks Using OWASP Tools. This study provides an overview of SQL Injection Attacks, detection, and prevention techniques. In the end, an evaluation of the effectiveness of detection and prevention using the OWASP CSR Web Application firewall was carried out. It should be noted that the OWASP Tools can also detect and prevent SQL Injection Attacks.

Alenezi, M., Nadeem, M., & Asif, R. (2021). SQL injection attacks countermeasures assessments. In Indonesian Journal of Electrical …. researchgate.net. https://www.researchgate.net/profile/Mamdouh-Alenezi-2/publication/344597081_SQL_Injection_Attacks_Countermeasures_Assessments/links/5fcc5c6345851568d142b19a/SQL-Injection-Attacks-Countermeasures-Assessments.pdf

Bisht, P., Pant, D., & Rauthan, M. S. (2018). Analyzing and Defending Web Application Vulnerabilities through Proposed Security Model in Cloud Computing. Journal of Graphic …. https://www.journal.riverpublishers.com/index.php/JGEU/article/view/2592

Castillo, R. E., Caliwag, J. A., Pagaduan, R. A., & ... (2019). Prevention of SQL injection attacks to login page of a website application using prepared statement technique. Proceedings of the 2019 …. https://doi.org/10.1145/3322645.3322704

Chen, D., Yan, Q., Wu, C., & Zhao, J. (2021). Sql injection attack detection and prevention techniques using deep learning. Journal of Physics: Conference …. https://iopscience.iop.org/article/10.1088/1742-6596/1757/1/012055/meta

Chen, Z., & Guo, M. (2018). Research on SQL injection detection technology based on SVM. MATEC Web of Conferences. https://www.matec-conferences.org/articles/matecconf/abs/2018/32/matecconf_smima2018_01004/matecconf_smima2018_01004.html

Fang, Y., Peng, J., Liu, L., & Huang, C. (2018). WOVSQLI: Detection of SQL injection behaviors using word vector and LSTM. … of the 2nd International Conference on …. https://doi.org/10.1145/3199478.3199503

Gautam, B., Tripathi, J., & Singh, S. (2018). A secure coding approach for prevention of SQL injection attacks. In International Journal of Applied …. ripublication.com. https://www.ripublication.com/ijaer18/ijaerv13n11_158.pdf

Harshavardhan, G., & Maheshwari, M. (2020). SQL Injection-Biggest vulnerability of the era. wwww.easychair.org. https://wwww.easychair.org/publications/preprint_download/mptV

Hubskyi, O., Babenko, T., Myrutenko, L., & ... (2020). Detection of sql injection attack using neural networks. International Scientific …. https://doi.org/10.1007/978-3-030-58124-4_27

Jemal, I., Cheikhrouhou, O., Hamam, H., & Mahfoudhi, A. (2020). SQL Injection Attack Detection and Prevention Techniques Using Machine Learning. International Journal of Applied Engineering Research.

Laksono, A. T., & Santoso, J. D. (2021). Analysis of Website Security of SMKN 1 Pangandaran Against SQL Injection Attack Using OWASP Method. … of Informatics and …. http://ejurnal.stmik-budidarma.ac.id/index.php/ijics/article/view/3208

Li, Q., Li, W., Wang, J., & Cheng, M. (2019). A SQL injection detection method based on adaptive deep forest. IEEE Access. https://ieeexplore.ieee.org/abstract/document/8854182/

Mukhtar, B. I., & Azer, M. A. (2020). Evaluating the Modsecurity Web Application Firewall Against SQL Injection Attacks. 2020 15th International Conference on …. https://ieeexplore.ieee.org/abstract/document/9334626/

Muttaqin, M. F., & Yaddarabullah, S. (2020). Implementation of AES-128 and Token-Base64 to Prevent SQL Injection Attacks via HTTP. In International Journal. academia.edu. https://www.academia.edu/download/63904066/ijatcse6093202020200712-21480-1dnfwt1.pdf

Myrutenko, L., & Oksiiuk, O. (2020). Detection of SQL Injection Attack Using Neural Networks. … and Simulation of Systems (MODS’2020 …. https://books.google.com/books?hl=en&lr=&id=jw36DwAAQBAJ&oi=fnd&pg=PA277&dq=prevent+sql+injection+attack+using+owasp&ots=qEAmOU_HB6&sig=pffwDMT8gNa0DaVuqyvI52BBMZg

Olalere, M., Egigogo, R. A., Umar, R., & Abdulhamid, S. M. (2018). A Systematic Literature Review on Detection, Prevention and Classification with Machine Learning Approach. repository.futminna.edu.ng. http://repository.futminna.edu.ng:8080/jspui/handle/123456789/10422

Riadi, I., Umar, R., & Sukarno, W. (2018). Vulnerability of Injection Attacks Against The Application Security of Framework Based Bebsites Open Web Access Security Project (OWASP). In J. Inform. core.ac.uk. https://core.ac.uk/download/pdf/324200022.pdf

Robinson, Akbar, M., & Ridha, M. A. F. (2018). SQL injection and cross site scripting prevention using OWASP web application firewall. International Journal on Informatics Visualization. https://doi.org/10.30630/joiv.2.4.107

Xie, X., Ren, C., Fu, Y., Xu, J., & Guo, J. (2019). Sql injection detection for web applications based on elastic-pooling cnn. IEEE Access. https://ieeexplore.ieee.org/abstract/document/8877739/

Zhang, H., Zhao, B., Yuan, H., Zhao, J., Yan, X., & ... (2019). SQL injection detection based on deep belief network. Proceedings of the 3rd …. https://doi.org/10.1145/3331453.3361280