Development of IoT malware analysis modules
The CrySyS Lab collects malware samples from multiple sources: malware feeds from industry partners and VirusTotal, as well as honeypot farms and public repositories. We use these samples to build and maintain a large database of IoT malware with hundreds of thousands of samples. This database is an important asset for our research; however, our research infrastructure currently lacks modules specifically for handling these samples.
The task of the students is to develop reusable modules for our research infrastructure that facilitate the analysis of the collected samples. More specifically:
- Develop an unpacker module that can detect packed ELF files, determine the likely packer used, and attempt to unpack the files to recover the obfuscated functionality.
- Develop a function extractor module that can analyze ELF files, identify the functions inside these files, and extract them for further analysis.
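As an added illustration of the first task (example code written here, not a module from the lab's infrastructure): a small Python detector that applies two heuristics to an in-memory ELF image, a known packer marker (only UPX's "UPX!" header magic is tabled) and a stripped section header table combined with high byte entropy. The sample images are constructed for the test, not real malware, and the entropy threshold of 7.0 bits is an assumed starting value.

```python
import math
import struct

ELF_MAGIC = b"\x7fELF"
# Known packer markers. Only UPX's "UPX!" header magic is listed; extend as confirmed.
PACKER_MARKERS = {b"UPX!": "UPX"}


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 to 8.0) over the whole buffer."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_elf_header(data: bytes) -> dict:
    """Read the ELF class, endianness and table counts the heuristics need."""
    if len(data) < 52 or data[:4] != ELF_MAGIC or data[4] not in (1, 2) or data[5] not in (1, 2):
        raise ValueError("not a well-formed ELF header")
    bits = 32 if data[4] == 1 else 64
    endian = "<" if data[5] == 1 else ">"
    fmt = endian + ("HHIIIIIHHHHHH" if bits == 32 else "HHIQQQIHHHHHH")
    f = struct.unpack_from(fmt, data, 16)  # fields following the 16-byte e_ident
    return {"bits": bits, "e_phnum": f[9], "e_shnum": f[11], "e_shoff": f[5]}


def detect_packing(data: bytes, entropy_threshold: float = 7.0) -> dict:
    """Heuristic packer detection for a whole ELF image held in memory."""
    hdr = parse_elf_header(data)
    packer = next((name for marker, name in PACKER_MARKERS.items() if marker in data), None)
    entropy = shannon_entropy(data[64:])  # skip the low-entropy ELF header itself
    no_sections = hdr["e_shnum"] == 0
    # Custom UPX builds seen in IoT malware often overwrite the "UPX!" marker, so a missing
    # marker is not evidence of an unpacked file; no section table plus high entropy still counts.
    packed = packer is not None or (no_sections and entropy >= entropy_threshold)
    return {"packer": packer, "entropy": round(entropy, 2), "likely_packed": packed, **hdr}


def build_sample(packed: bool) -> bytes:
    """Constructed ELF32 little-endian ARM image (not a real binary) for testing."""
    ident = ELF_MAGIC + bytes([1, 1, 1, 0, 0]) + b"\x00" * 7
    shoff, shnum, shstrndx = (0, 0, 0) if packed else (4000, 12, 11)
    hdr = ident + struct.pack("<HHIIIIIHHHHHH", 2, 40, 1, 0x8000, 52, shoff, 0, 52, 32, 2, 40, shnum, shstrndx)
    body = b"UPX!" + bytes(range(256)) * 4 if packed else b"\x00" * 600 + b"main\x00.text\x00" * 20
    return hdr + body
```

Running the detector over the constructed images shows the marker case, the marker-stripped case (still flagged through the section and entropy heuristics) and a clean image with an intact section table.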