Carding 👑 d0c's Carding Setup for 2025 👑



d0ctrine

d0ctrine

Fraud Daddy
Elite
Supreme
Joined
26.12.23
Messages
233
Reaction score
4,125
Points
93
1735461507092.png
👑 d0c's Carding Setup for 2025 👑
A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

d0c setuo (1).png

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

📱 The iPhone: A Carder's Ultimate Tool 📱

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.


Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:
  • Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
  • Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
  • ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
  • High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
  • Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on 🌐 Strategic Carding: Getting the Cleanest Possible IPs 🌐 youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

1735462932289.png

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
1735462992017.png

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
1735463003170.png

NETNUT
1735463026939.png

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.


Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

1735463504949.png

Usually Smartproxy uses this format:

Code: 
user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

1735463423789.png

Code: 
#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):
  1. Save this script as `prox.sh` somewhere on your Mac.
  2. Open Terminal and navigate to where you saved the script.
  3. Make it executable: `chmod +x prox.sh`
  4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
To view the content, you need to Sign In or Register.

How to Use It (Windows):
  1. Save this as `prox.ps1`.
  2. Open PowerShell as an administrator.
  3. Navigate to the scripts location.
  4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.


Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE



These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

1735464022721.png

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

1735463973910.png

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.


🧰 Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

  • Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
  • Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.
Fingerprint Checks:

  • demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
  • creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
  • fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
  • browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

  • IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
  • Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN



I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:



Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.
 
Last edited:
Rize0001

Rize0001

Active Carder
Joined
08.12.24
Messages
27
Reaction score
3
Points
3
d0ctrine said:
View attachment 51543
👑 d0c's Carding Setup for 2025 👑
A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.


Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

📱 The iPhone: A Carder's Ultimate Tool 📱

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.


Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:
  • Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
  • Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
  • ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
  • High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
  • Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on 🌐 Strategic Carding: Getting the Cleanest Possible IPs 🌐 youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.


Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

Code: 
user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

Code: 
#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):
  1. Save this script as `prox.sh` somewhere on your Mac.
  2. Open Terminal and navigate to where you saved the script.
  3. Make it executable: `chmod +x prox.sh`
  4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):
  1. Save this as `prox.ps1`.
  2. Open PowerShell as an administrator.
  3. Navigate to the scripts location.
  4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.


Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE



These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.


🧰 Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

  • Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
  • Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.
Fingerprint Checks:

  • demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
  • creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
  • fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
  • browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

  • IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
  • Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN



I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:



Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.
Click to expand...
thanks alot brother <3
 
W

whateverthisis

Active Carder
Joined
31.10.24
Messages
25
Reaction score
3
Points
3
d0ctrine said:
View attachment 51543
👑 d0c's Carding Setup for 2025 👑
A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.


Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

📱 The iPhone: A Carder's Ultimate Tool 📱

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.


Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:
  • Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
  • Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
  • ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
  • High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
  • Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on 🌐 Strategic Carding: Getting the Cleanest Possible IPs 🌐 youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.


Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

Code: 
user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

Code: 
#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):
  1. Save this script as `prox.sh` somewhere on your Mac.
  2. Open Terminal and navigate to where you saved the script.
  3. Make it executable: `chmod +x prox.sh`
  4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):
  1. Save this as `prox.ps1`.
  2. Open PowerShell as an administrator.
  3. Navigate to the scripts location.
  4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.


Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE



These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.


🧰 Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

  • Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
  • Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.
Fingerprint Checks:

  • demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
  • creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
  • fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
  • browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

  • IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
  • Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN



I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:



Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.
Click to expand...
This is goin down in history.
 
K

kira306

Carding Novice
Joined
22.11.24
Messages
16
Reaction score
0
Points
1
d0ctrine said:
View attachment 51543
👑 d0c's Carding Setup for 2025 👑
A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.


Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

📱 The iPhone: A Carder's Ultimate Tool 📱

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.


Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:
  • Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
  • Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
  • ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
  • High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
  • Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on 🌐 Strategic Carding: Getting the Cleanest Possible IPs 🌐 youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.


Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

Code: 
user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

Code: 
#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):
  1. Save this script as `prox.sh` somewhere on your Mac.
  2. Open Terminal and navigate to where you saved the script.
  3. Make it executable: `chmod +x prox.sh`
  4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):
  1. Save this as `prox.ps1`.
  2. Open PowerShell as an administrator.
  3. Navigate to the scripts location.
  4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.


Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE



These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.


🧰 Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

  • Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
  • Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.
Fingerprint Checks:

  • demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
  • creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
  • fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
  • browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

  • IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
  • Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN



I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:



Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.
Click to expand...
Messi is best
 
E

elchiteroculiao

Carding Novice
Joined
22.04.23
Messages
5
Reaction score
0
Points
1
d0ctrine said:
View attachment 51543
👑 d0c's Carding Setup for 2025 👑
A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.


Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

📱 The iPhone: A Carder's Ultimate Tool 📱

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.


Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:
  • Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
  • Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
  • ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
  • High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
  • Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on 🌐 Strategic Carding: Getting the Cleanest Possible IPs 🌐 youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.


Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

Code: 
user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

Code: 
#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):
  1. Save this script as `prox.sh` somewhere on your Mac.
  2. Open Terminal and navigate to where you saved the script.
  3. Make it executable: `chmod +x prox.sh`
  4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):
  1. Save this as `prox.ps1`.
  2. Open PowerShell as an administrator.
  3. Navigate to the scripts location.
  4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.


Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE



These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.


🧰 Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

  • Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
  • Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.
Fingerprint Checks:

  • demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
  • creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
  • fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
  • browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

  • IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
  • Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN



I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:



Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.
Click to expand...
Great
 
S

ShogunSensei

Carding Novice
Joined
26.11.24
Messages
18
Reaction score
2
Points
3
G
d0ctrine said:
View attachment 51543
👑 d0c's Carding Setup for 2025 👑
A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.


Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

📱 The iPhone: A Carder's Ultimate Tool 📱

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.


Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:
  • Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
  • Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
  • ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
  • High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
  • Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on 🌐 Strategic Carding: Getting the Cleanest Possible IPs 🌐 youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.


Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

Code: 
user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

Code: 
#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):
  1. Save this script as `prox.sh` somewhere on your Mac.
  2. Open Terminal and navigate to where you saved the script.
  3. Make it executable: `chmod +x prox.sh`
  4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):
  1. Save this as `prox.ps1`.
  2. Open PowerShell as an administrator.
  3. Navigate to the scripts location.
  4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.


Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE



These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.


🧰 Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

  • Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
  • Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.
Fingerprint Checks:

  • demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
  • creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
  • fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
  • browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

  • IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
  • Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN



I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:



Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.
Click to expand...
ood shit!
 
T

Trickysigma

Active Carder
Joined
24.03.24
Messages
74
Reaction score
7
Points
8
d0ctrine said:
View attachment 51543
👑 d0c's Carding Setup for 2025 👑
A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.


Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

📱 The iPhone: A Carder's Ultimate Tool 📱

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.


Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:
  • Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
  • Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
  • ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
  • High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
  • Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on 🌐 Strategic Carding: Getting the Cleanest Possible IPs 🌐 youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.


Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

Code: 
user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

Code: 
#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):
  1. Save this script as `prox.sh` somewhere on your Mac.
  2. Open Terminal and navigate to where you saved the script.
  3. Make it executable: `chmod +x prox.sh`
  4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):
  1. Save this as `prox.ps1`.
  2. Open PowerShell as an administrator.
  3. Navigate to the scripts location.
  4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.


Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE



These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.


🧰 Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

  • Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
  • Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.
Fingerprint Checks:

  • demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
  • creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
  • fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
  • browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

  • IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
  • Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN



I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:



Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.
Click to expand...
Thanks
 
You must log in or register to reply here.
Top Bottom