![eb303623](https://pic-cc.com/data/avatars/m/150/150934.jpg?1733143058"){kind=avatar}
- Joined
- 01.05.24
- Messages
- 241
- Reaction score
- 2,672
- Points
- 93
In today's guide, we are going to learn sone tricks on how to get our own working methods. You should note that, websites are always updating their systems to make things difficult and hard for us. So Incase a method stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).
So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.
First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.
Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.
Usually there are two ways I use for RECON, they are :
1. Checking the store through
Wappalyzer or you can use their chrome Extension
2. Http interceptors - "Burp Suite or "Caido"
a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.
Here is an example of a website I was checking :
b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.
Here is an example of how it looks like :
• Burp Suite
• Caido
If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.
At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.
Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.
If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.
CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.
ALL THE BEST!
So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card? The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.
First of all, Check my guide on (FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on Truspilot to see if it's a reliable one and people do make purchases there.
Now it's time to do RECON, Find out what type of Anti-Fraud system is being implemented in store.
Usually there are two ways I use for RECON, they are :
1. Checking the store through
Wappalyzer or you can use their chrome Extension
2. Http interceptors - "Burp Suite or "Caido"
a. With Wappalyzer, it's simple.
We head to the website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.
Here is an example of a website I was checking :
b. Burp Suite or Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.
Here is an example of how it looks like :
• Burp Suite
• Caido
If you find out about the website's information and you are okay with it, Head to the website, Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (if they ship to other places or only the billing address) and see if it suits your needs.
At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while intercepting.
Now, we go ahead and make a purchase and see the request we get from our http interceptor. If everything is okay, then we are good to go.
SUMMING UP AND TIPS
If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.
CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.
ALL THE BEST!
Attachments
-
1000036853.jpg
