CSRF HTML made easy with Pinata CSRF Version 0.93.

What’s Pinata ?

  • The tool will generate proof of concept CSRF HTML given an HTTP request. It will automatically check whether it is a GET or a POST request and with further validation for standard POST and Multipart/form POST.
  • The tool will then create an HTML corresponding to the type of the request.
  • The GET CSRF HTML includes IMG tag with SRC set to the URL being tested.
  • The POST CSRF HTML is created with auto submit java script form with names and values from the HTTP request.


  • Download pinata.zip from the downloads.
  • It is Python based tool. Needs Python installed

NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"