UAV (Drone) Forensic Analysis

32 Hours / 4-Day

This four-day advanced level course will equip you with the practical skills and competencies required to identify and extract various sources of data recoverable from Unmanned Aircraft Systems (UAS), also known as Drones, including their associated control devices in line with approved best practices.

InquireRegister for an upcoming class

Introduction to UAV Forensics

  • Introduction to sUAS
  • Criminal use of UAV’s
  • Manufacturers variables
  • Attack vectors – risks to public safety
  • Drone adaptation
  • Capacity & Capability of drones
  • Health & Safety – Handling & Seizure
  • Health & Safety – LiPo Batteries
  • Linked devices – Controller Considerations
  • Digital vs. Physical Evidence
  • Packaging / Storage & Continuity
  • Understanding how flight logs are created & updated
    • Aircraft power on a flowchart.

Components of sUAS

  • Components and features of small unmanned aircraft systems(sUAS)
  • Controller options
    • Mobile and Tablet Devices
    • Bespoke flight controllers
    • Integrated displays
    • FPV controllers
  • Autonomous flights
    • Return-to-home feature
    • WiFi controls
    • Signal interception.

UAV (Drone) Piloting Techniques


  • Recognizing components of a typical ‘off the shelf’ Drone
  • Recognizing components within the box
  • Basic instruction on flying the drone
  • Practical exercises in flying your drone
    • Safe handling techniques.

Extraction Techniques

  • Extraction of data from the aircraft
  • Extraction of data from the mobile \ tablet device
  • Extraction of controller data
  • Disassembling techniques
    • Arguments for and against
  • Advanced extractions using CFID and Raven devices
  • Using File Transfer Protocols (FTP) to extract UAV data
  • Advanced exploitation of communcations ports to access data

Interpretation of Data

  • Techniques in using open source and commercial forensic tools to review UAV data
    • Interpretation of data contained on the UAV
      • File System considerations
      • Registered user information
      • Aircraft details
      • Flight log analysis techniques
    • Interpretation of data from portable devices
      • Default folder structures of the controlling app from an Android and iOS device
      • Synchronized logs vs. local logs
      • Error log analysis
      • Media file examination (geolocations and dates & times)
      • Workflows in combining offline files for further analysis
    • Techniques in the interpretation of additional data on other devices.

Advanced Analysis Techniques

  • Flight recorder “Blackbox” log analysis
  • PixHawk flight controller extractions and examinations
  • Advanced DJI FTP extraction techniques
  • Off-line decryption of DJI flight logs
  • Custom build Drone analysis
  • Linking hardware devices within the sUAS
  • Simplification of data – graphical representation
  • Bespoke UAV data analysis 

Report Writing

  • Glossary of terms
  • Overview of UAV report considerations
  • Report writing practical

Final Assessment

  • Graded student knowledge assessment
  • Graded UAV examaintion practical


To get the most out of this class, you should:

  • Have 6 months experience of forensic examinations
  • Be familiar with the Windows Operating system.

Request the Syllabus

Contact Spyder Forensics for more details of the course.

Hosting Courses

If you are interested in hosting this, or any of our courses at your facility, contact us.

Ready to get started?