A comprehensive cybersecurity knowledge base for drone/UAV vulnerabilities, attack vectors, and defense strategies.
The Drone Security Knowledge Base addresses the critical gap in consolidated UAV cybersecurity information. With over 70% of practitioners lacking awareness of UAV cyber risks (Frontiers, 2025), this project provides a centralized, accessible resource for:
- Security Researchers investigating drone vulnerabilities
- Penetration Testers assessing UAV systems
- Drone Manufacturers improving product security
- Regulatory Bodies developing security standards
- Hobbyists & Operators understanding risks
Based on the official OWASP Drone Security Project, covering:
| # | Risk | Severity |
|---|---|---|
| 1 | Insecure Communication | π΄ Critical |
| 2 | Weak Authentication/Authorization | π΄ Critical |
| 3 | Insecure Firmware/Software | π High |
| 4 | GPS Spoofing | π High |
| 5 | Insufficient Network Security | π High |
| 6 | Inadequate Data Protection | π‘ Medium |
| 7 | Lack of Secure Update Mechanism | π‘ Medium |
| 8 | Insecure Third-party Components | π‘ Medium |
| 9 | Physical Security Weaknesses | π‘ Medium |
| 10 | Insufficient Logging & Monitoring | π’ Low |
Documented vulnerabilities with technical details:
| CVE ID | Product | CVSS | Status |
|---|---|---|---|
| CVE-2024-52876 | Holy Stone Remote ID Module | 7.5 | Patched |
| CVE-2024-6422 | Consumer UAV (Multiple) | 9.8 | Vendor Notified |
| CVE-2023-6951 | DJI Mavic 3 Series | 6.6 | Patched |
| CVE-2023-51454-56 | DJI Mavic 3 vtwo_sdk | 6.8 | Patched |
- Communication Attacks: WiFi Deauth, MAVLink Injection, Replay, MITM
- GPS/Navigation Attacks: GPS Spoofing, Jamming, IMU Manipulation
- Network Attacks: Telnet Access, FTP Exploitation, DoS
- Firmware Attacks: Extraction, Downgrade, Code Injection
Curated collection of:
- Offensive security tools (DroneSploit, Damn Vulnerable Drone)
- Analysis frameworks (DJI Firmware Tools, pymavlink)
- Standards (OWASP, NIST SP 800-193, ETSI EN 303 645)
Simply open index.html in any modern web browser.
# Clone the repository
git clone https://github.com/yourusername/drone-security-kb.git
cd drone-security-kb
# Serve with Python
python3 -m http.server 8080
# Or use Node.js
npx serve .Then navigate to http://localhost:8080
- Fork this repository
- Go to Settings β Pages
- Select "Deploy from a branch" β main
- Access at
https://yourusername.github.io/drone-security-kb
drone-security-kb/
βββ index.html # Main application (single-page)
βββ README.md # This file
βββ LICENSE # MIT License
βββ docs/
βββ OWASP_TOP_10.md # Detailed risk descriptions
βββ CVE_DATABASE.md # Full CVE documentation
βββ ATTACK_VECTORS.md # Attack methodologies
βββ MITIGATIONS.md # Defense strategies
The MAVLink protocol, used by ArduPilot, PX4, and many commercial drones, transmits unencrypted messages by default.
# Example: Sniffing MAVLink traffic
from pymavlink import mavutil
# Connect to drone
master = mavutil.mavlink_connection('udp:0.0.0.0:14550')
while True:
msg = master.recv_match(blocking=True)
print(f"[{msg.get_type()}] {msg.to_dict()}")Mitigation: Implement MAVLink 2.0 with message signing and ChaCha20 encryption.
Many consumer drones expose dangerous services:
# Common drone network scan results
$ nmap -sV 192.168.1.1
PORT STATE SERVICE
21/tcp open ftp # Anonymous access!
23/tcp open telnet # Root shell!
80/tcp open http # Unauthenticated API
5555/tcp open adb # Android Debug BridgeMitigation: Disable unnecessary services, enforce authentication.
Civil GPS signals are unencrypted, making drones vulnerable to position manipulation.
Attacker β [Fake GPS Signal] β Drone GPS Receiver
β
[False Position]
β
[Navigation Error]
Mitigation: Multi-constellation GNSS, IMU fusion, visual positioning backup.
Use this checklist when assessing drone security:
-
Network Reconnaissance
- Identify WiFi access point
- Scan for open ports (21, 22, 23, 80, 5555)
- Check for default credentials
-
Communication Security
- Test for unencrypted traffic
- Attempt replay attacks
- Check MAVLink message signing
-
Authentication Testing
- Try default passwords
- Test Bluetooth pairing security
- Attempt session hijacking
-
Firmware Analysis
- Extract and analyze firmware
- Check for signed updates
- Look for hardcoded credentials
-
Physical Security
- Check for debug ports (JTAG/SWD)
- Test tamper detection
- Analyze storage encryption
| Likelihood β / Impact β | Low | Medium | High | Critical |
|---|---|---|---|---|
| Very High | π‘ | π | π΄ | π΄ |
| High | π’ | π‘ | π | π΄ |
| Medium | π’ | π‘ | π | π |
| Low | π’ | π’ | π‘ | π‘ |
- OWASP Drone Top 10
- OWASP Drone Security Cheat Sheet
- NIST SP 800-193 Platform Firmware Resiliency
- ETSI EN 303 645 Consumer IoT Security
- D3S: Drone Security Scoring System (MDPI 2024)
- DJI Mavic 3 Research - Nozomi Networks
- MAVSec: Securing MAVLink Protocol
- GPS Spoofing Survey - PMC
- DroneSploit - Metasploit-like drone exploitation framework
- Damn Vulnerable Drone - Practice environment
- DJI Firmware Tools - Firmware analysis utilities
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch (
git checkout -b feature/new-cve) - Commit your changes (
git commit -am 'Add CVE-2024-XXXXX') - Push to the branch (
git push origin feature/new-cve) - Open a Pull Request
When adding new CVEs, please include:
- CVE ID and NVD link
- Affected product/firmware version
- CVSS score and severity
- Technical description
- Proof of concept (if public)
- Mitigation steps
- References
This knowledge base is for educational and defensive security research purposes only.
- Do NOT use this information to attack systems without authorization
- Always obtain proper permission before security testing
- Respect responsible disclosure practices
- Comply with all applicable laws and regulations
Unauthorized access to computer systems is illegal and unethical.
This project is licensed under the MIT License - see the LICENSE file for details.
- OWASP Foundation for the Drone Security Project
- Security researchers who responsibly disclose drone vulnerabilities
- The open-source drone security community
Built for the UAV Security Research Community
β Star this repo if you find it useful!