Bypassing CSRF tokens with Python’s CGIHTTPServer to exploit SQLi

There are ways to configure Burp with macros to bypass CSRF tokens on HTML forms, so that we can use Burp Active Scans, Burp Intruder, Burp Repeater, and (cautiously) even Burp Proxy. There are also Grep-Extract and the pitchfork attack type, specifically for Intruder. You might even develop your own Burp extension to do it. Sqlmap has a --csrf-token and a --csrf-url option for the same purpose, or you can configure Burp as previously stated and run sqlmap through Burp using --proxy. Now, here's another way, using CGIHTTPServer from Python.