##Digital Forensics Student Education Disk (DFSED) - Education scripts for Digital Forensic Students

###Scripts:

• menu.sh
• 0_skel
• 1_imagedisk - Creates and verifies a bit for bit (dd) copy of a Disk, also outputs a list of all files (deleted and present) to a Report
• 2_mountimage - Mount/Unmount an image using the loopback device (Read Only)
• 3_recfiletype - Search and recover deleted files by file type
• 4_threatsearch - Search for a threatening document from an disk image
• 5_imagecarve - Carves a .jpg image from slack space
• 6_serveraccess - Search for the "Identification String" in server logs to see if any unauthorised access has been attempted and output suspect IP
• 7_zerodisk - "Zero" a disk, and remove all contraband
• 8_extractSAM - Extract and copy SAM, SYSTEM and SECURITY files from a dead Windows machine
• 9_MACSpoof - Spoof MAC Address
• 10_Con2Wireless - Connect to wireless
• 11_BypassHotpotSecurity - Bypass Hotspots Access Controls
• 12_WEPCracking - Crack WEP Passwords
• 13_WPACracking - Dictionary attack WPA passwords
• 14_ARPPoisoning - ARP Poisoning Intercepts User Names and Passwords
• 15_PictureAudio - Intercepts Pictures and Audio and Save to a Selected Folder
• 16_URL_intercept - Intercepts Websites URL's
• 17_DOS Upload Scripts - Knock off and prevent users from accessing a wireless network
• 18_raw2vmdk - Convert Raw image to vmdk