In today's guide, we are going to learn sone tricks on
how to get our own working methods. You should note that, websites are always updating their systems to make things
difficult and hard for us. So Incase a method
stopped working, you must always find another trick or a way on how to deal with the website and bypass their Anti-Fraud system (Restriction).
So I made these tips to help you create your own working methods.
Ask yourself, What do I really want to card?
The categories of things you want to card (Clothes, Jewelry, Clothes, TV, Speakers etc.) and the site you are targeting.
First of all, Check my guide on (
FINDING STORES TO PUNCH)
You can search the categories of things you need like example ( Audio equipment, Clothes etc.).
A couple of stores will be listed. We will choose the one we want, Head to Google and check the reviews on
Truspilot to see if it's a reliable one and people do make purchases there.
Now it's time to do
RECON, Find out what type of
Anti-Fraud system is being implemented in store.
Usually there are two ways I use for RECON, they are :
1. Checking the store through
Wappalyzer or you can use their chrome
Extension
2. Http interceptors - "
Burp Suite or "
Caido"
a. With
Wappalyzer, it's simple.
We head to the
website, create an account. Verify the account and we can start our research on the stores. We will copy and input the the website of our choice. It will give us a clue of what the system uses and their inbuilt Anti-Fraud System.
Here is an example of a website I was checking :
View attachment 52580
View attachment 52581
View attachment 52582
View attachment 52583
b.
Burp Suite or
Caido - You download your preferred one and install it. But you will need to protect yourself with proxies if you are using this method. One of our good brother wrote a guide on it, you can check it here (
Reconnaissance)
After that, you should know the type of information each Anti-Fraud system takes, it varies.
Here is an example of how it looks like :
• Burp Suite
View attachment 52586
• Caido
View attachment 52588
If you find out about the website's information and you are okay with it, Head to the website,
Read their Privacy Policy, Frequently Asked Questions (FAQ) and Terms of Service (TOS) or Terms of Conditions. Also check their shipping policy (
if they ship to other places or only the billing address) and see if it suits your needs.
At this point we are going to test the website by using a prepaid or dead card (Reason? For testing). Even though prepaid card is not accepted by some merchants, we are just testing how things go on the website while
intercepting.
Now, we go ahead and make a purchase and see the request we get from our
http interceptor. If everything is okay, then we are good to go.
SUMMING UP AND TIPS
*** Hidden text: cannot be quoted. ***
If everything goes well without any problems, then your method is working you can note it down (Your setup, How you deal with the store and the bins you used) But Incase order cancel or declines, wait for some hours and try again. If it persist then, there is a problem so we need to figure it out.
CONCLUSION :
However it's going to be trial and error (Testing) till we figure out what is working and It's not going to be easy always. Well, the goal is to succeed.
ALL THE BEST!
![unknown45](https://pic-cc.com/data/avatars/m/11/11123.jpg?1649553349"){kind=avatar}
