Glossary
Shellcode
Self-contained position-independent machine code injected and executed in a target process, typically as an exploit payload.
Shellcode is a small blob of raw machine code — named because it historically spawned a shell — designed to be injected into and executed within a running process. It must be position-independent (no hardcoded absolute addresses), free of null bytes (to survive strcpy-based injection paths), and self-contained. Shellcode is written directly in assembly or compiled with special flags, then extracted as a byte array. Analyzing shellcode involves feeding the raw bytes to a disassembler, understanding its opcodes and system calls, and running it in a sandbox to observe behavior safely.
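; classic x86 Linux execve("/bin/sh") shellcode (simplified)
; simplified: the syscall number and remaining argument registers are not set up here
xor eax, eax        ; zero eax without encoding any 0x00 bytes
push eax            ; four zero bytes on the stack: the string's NUL terminator
push 0x68732f2f     ; "//sh" (little-endian immediate)
push 0x6e69622f     ; "/bin", so the stack now holds "/bin//sh\0"
mov ebx, esp        ; ebx = pointer to the path string (first syscall argument)
int 0x80            ; 32-bit Linux system call gate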
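As an added example (not part of the original glossary entry), the static triage step described above can be sketched as a heuristic byte scan that checks the null-byte property, locates system call gates, and rebuilds strings assembled on the stack with `push imm32`. `SAMPLE` is constructed here by hand-assembling the snippet above, and the names `stack_strings` and `triage` are hypothetical; a real disassembler is still needed to confirm instruction boundaries.

```python
import string

# Constructed sample: the bytes the glossary's simplified snippet assembles to
# (xor eax,eax / push eax / push "//sh" / push "/bin" / mov ebx,esp / int 0x80).
SAMPLE = bytes.fromhex("31c050682f2f7368682f62696e89e3cd80")

# Printable ASCII including space, excluding control whitespace.
PRINTABLE = set(string.printable.encode()) - set(b"\t\n\r\x0b\x0c")

# Byte patterns of common x86/x86-64 system call gates (heuristic match only).
SYSCALL_GATES = {b"\xcd\x80": "int 0x80", b"\x0f\x05": "syscall", b"\x0f\x34": "sysenter"}


def stack_strings(blob):
    """Recover strings built with runs of `push imm32` (opcode 0x68)."""
    found, run, i = [], [], 0
    while i < len(blob):
        imm = blob[i + 1:i + 5]
        if blob[i] == 0x68 and len(imm) == 4 and all(b in PRINTABLE for b in imm):
            run.append(imm)
            i += 5  # skip the immediate so a 0x68 ('h') inside it is not re-read as a push
            continue
        if run:
            # The stack grows down: the last chunk pushed sits at the lowest address,
            # so the string reads from the last push back to the first.
            found.append(b"".join(reversed(run)).decode("ascii"))
            run = []
        i += 1
    if run:
        found.append(b"".join(reversed(run)).decode("ascii"))
    return found


def triage(blob):
    """Summarise the properties an analyst checks before disassembly or sandboxing."""
    gates = sorted((blob.find(pat), name) for pat, name in SYSCALL_GATES.items() if pat in blob)
    return {
        "length": len(blob),
        "null_offsets": [i for i, b in enumerate(blob) if b == 0],
        "syscall_gates": gates,
        "stack_strings": stack_strings(blob),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

Advancing five bytes after each match matters for this sample: the final byte of `"//sh"` is itself `0x68`, and a scan that stepped one byte at a time would misread it as the start of another push.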