Carding CREATING YOUR OWN WORKING CARDING METHODS + TIPS

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

pedro98 said:

Nice one

Click to expand...

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

eb303623 said:

Trong hướng dẫn hôm nay, chúng ta sẽ học một số mẹo về cách để có được phương pháp làm việc của riêng mình . Bạn nên lưu ý rằng, các trang web luôn cập nhật hệ thống của họ để làm mọi thứ trở nên khó khăn và phức tạp đối với chúng ta. Vì vậy, trong trường hợp một phương pháp ngừng hoạt động, bạn phải luôn tìm một mẹo khác hoặc một cách để xử lý trang web và vượt qua hệ thống Chống gian lận của họ (Hạn chế).

Vì vậy, tôi đã đưa ra những mẹo này để giúp bạn tạo ra phương pháp làm việc của riêng mình.
Hãy tự hỏi, Tôi thực sự muốn gắn thẻ những gì? Các danh mục sản phẩm bạn muốn gắn thẻ (Quần áo, Trang sức, Quần áo, TV, Loa, v.v.) và trang web bạn đang nhắm mục tiêu.

Trước hết, hãy xem hướng dẫn của tôi về ( TÌM CỬA HÀNG ĐỂ ĐẤM BẤM )
Bạn có thể tìm kiếm theo danh mục những thứ bạn cần như ví dụ (Thiết bị âm thanh, Quần áo, v.v.).
Một vài cửa hàng sẽ được liệt kê. Chúng ta sẽ chọn cửa hàng mình muốn, vào Google và kiểm tra các đánh giá trên Truspilot để xem đó có phải là cửa hàng đáng tin cậy và mọi người có mua hàng ở đó không.

Bây giờ là lúc thực hiện RECON , Tìm hiểu loại hệ thống chống gian lận nào đang được triển khai trong cửa hàng.

Thông thường có hai cách tôi sử dụng cho RECON, đó là:

1. Kiểm tra cửa hàng thông qua
Wappalyzer hoặc bạn có thể sử dụng tiện ích mở rộng Chrome của họ

2. Bộ chặn Http - " Burp Suite" hoặc " Caido "

a. Với Wappalyzer , mọi việc thật đơn giản.
Chúng tôi vào trang web , tạo một tài khoản. Xác minh tài khoản và chúng tôi có thể bắt đầu nghiên cứu các cửa hàng. Chúng tôi sẽ sao chép và nhập trang web mà chúng tôi lựa chọn. Nó sẽ cung cấp cho chúng tôi manh mối về những gì hệ thống sử dụng và Hệ thống chống gian lận tích hợp của họ.

Sau đây là ví dụ về một trang web tôi đang kiểm tra:
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite hoặc Caido - Bạn tải xuống cái bạn thích và cài đặt. Nhưng bạn sẽ cần phải tự bảo vệ mình bằng proxy nếu bạn sử dụng phương pháp này. Một trong những người anh em tốt của chúng tôi đã viết hướng dẫn về nó, bạn có thể kiểm tra ở đây ( Reconnaissance )
Sau đó, bạn cần biết loại thông tin mà mỗi hệ thống chống gian lận thu thập, vì chúng khác nhau.

Sau đây là ví dụ về cách nó trông như thế nào:
• Bộ ợ hơi
View attachment 52586

• Cai-đô
View attachment 52588

Nếu bạn tìm hiểu về thông tin của trang web và bạn thấy ổn với thông tin đó, hãy truy cập trang web, Đọc Chính sách bảo mật, Câu hỏi thường gặp (FAQ) và Điều khoản dịch vụ (TOS) hoặc Điều khoản điều kiện của họ. Ngoài ra, hãy kiểm tra chính sách vận chuyển của họ ( nếu họ vận chuyển đến những nơi khác hoặc chỉ địa chỉ thanh toán ) và xem liệu nó có phù hợp với nhu cầu của bạn không.

Tại thời điểm này, chúng tôi sẽ kiểm tra trang web bằng cách sử dụng thẻ trả trước hoặc thẻ chết (Lý do? Để kiểm tra). Mặc dù thẻ trả trước không được một số thương gia chấp nhận, chúng tôi chỉ đang kiểm tra mọi thứ diễn ra trên trang web trong khi chặn .

Bây giờ, chúng ta tiếp tục và thực hiện mua hàng và xem yêu cầu chúng ta nhận được từ http interceptor . Nếu mọi thứ đều ổn, thì chúng ta có thể bắt đầu.

TỔNG KẾT VÀ MẸO​

*** Văn bản ẩn: không thể trích dẫn. ***


Nếu mọi thứ diễn ra tốt đẹp mà không có vấn đề gì, thì phương pháp của bạn đang hoạt động, bạn có thể ghi chú lại (Thiết lập của bạn, Cách bạn xử lý cửa hàng và các thùng bạn đã sử dụng) Nhưng trong trường hợp đơn hàng bị hủy hoặc từ chối, hãy đợi vài giờ và thử lại. Nếu vẫn tiếp diễn thì có vấn đề nên chúng tôi cần tìm ra.


PHẦN KẾT LUẬN :
Tuy nhiên, sẽ phải thử nghiệm (Kiểm tra) cho đến khi chúng ta tìm ra cách nào hiệu quả và không phải lúc nào cũng dễ dàng. Vâng, mục tiêu là thành công.

CHÚC BẠN MỌI ĐIỀU TỐT LÀNH!

Click to expand...

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

eb303623 said:

In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).

So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.

First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.

Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.

Usually there are two ways I use for RECON, they are :

1. Checking the store through
Wappalyzer or you can use their chrome Extension

2. Http interceptors - "Burp Suite or "Caido"

a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.

Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583

b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.

Here is an example of how it looks like :
• Burp Suite
View attachment 52586

• Caido
View attachment 52588

If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.

At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.

Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.

SUMMING UP AND TIPS​

*** Hidden text: cannot be quoted. ***


If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.


CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.

ALL THE BEST!

Click to expand...

cash0utpro said:

How do we decide if we should use our drop address as billing or card holders? If they have AVS, order will get flagged if billing doesn't match cardholders. But if we use cardholders billing then different billing and shipping address itself is a red flag for fraud detection systems. So what do we do when it comes to billing and shipping addresses?

Click to expand...

Some One said:

What phone number should I use? CH's phone number, CH's phone number with 1-2 digit spoofing, or one of his old phone numbers found in his BG?

Click to expand...