Brazilian Fake Data — httpdrop Guides

Why you should not use real data in tests

Using a real CPF (even your own) in a development environment is a risky practice. That data ends up in logs, dev database dumps, bug report screenshots and Git repositories. Brazil's LGPD (General Data Protection Law) treats this as a data leak — even if accidental.

The solution is to generate synthetic data that looks real, passes validations, but doesn't correspond to any real person or company.

Available tokens in httpdrop

TokenSample outputUse

{{faker.cpf}}123.456.789-09CPF with valid check digits

{{faker.cnpj}}12.345.678/0001-95CNPJ with valid check digits

{{faker.name}}Ana Carolina RibeiroBrazilian full name

{{faker.email}}ana.ribeiro@email.comFictitious email

{{faker.phone}}(11) 99999-9999Brazilian mobile number

{{faker.address}}Rua das Flores, 42, São PauloFull Brazilian address

{{faker.cep}}01310-100Brazilian ZIP code

{{faker.price}}R$ 249,90Price in BRL

{{faker.uuid}}a3f8c1d2-...UUID v4

{{faker.date}}2025-03-15Random date

Using in Mock Rules

Mock Rule — GET /api/customers/:id

{
  "id": "{{faker.uuid}}",
  "name": "{{faker.name}}",
  "cpf": "{{faker.cpf}}",
  "email": "{{faker.email}}",
  "phone": "{{faker.phone}}",
  "address": {
    "street": "{{faker.address}}",
    "zip": "{{faker.cep}}"
  },
  "created_at": "{{faker.datetime}}"
}

Use cases

🏥

Healthtech — Simulate patients with name, CPF, date of birth and consultation history without compromising any real patient's data.

🏦

Fintech — Test KYC flows with documents (CPF, CNPJ), bank details and addresses that are 100% fictitious but structurally valid.

🛍️

E-commerce — Populate catalogs, orders and customer registrations for demos without needing a real database.

✅

Valid CPF and CNPJ: The {{faker.cpf}} and {{faker.cnpj}} tokens generate numbers that pass check-digit validation — your form validation functions work normally.