I want to get into carding and have done quite a bit of research. I have two carding setups i came up with.
1. Kicksecure Linux Host > Whonix VM > RDP > SOCKS5 proxy
2. Kicksecure Linux Host > Windows 7 VM + Whonix Gateway VM > SOCKS5 proxy
In both setups i use Kicksecure Linux as the host, a linux distro based on Debian with hardened security and privacy. It is developed by the same people as Whonix and is used as a base for the Whonix OS.
The absence of a VPN is due to Tor taking the place of the VPN which generally does a much better job of anonymizing traffic than a VPN.
In the first setup Whonix (which routes all traffic through Tor) is used to anonymize all traffic between the Host and the RDP. While in the second i use a Windows 7 VM together with Whonix Gateway to route all the traffic of the Windows VM through Tor, this should not trigger fraud detectors as the proxy is always the last hop.
What are your thoughts?