The binary code that is the payload for buffer overflow and format string attacks. Typically, an egg written in assembly and designed to enable remote access or escalate privileges from an ordinary user account to administrator level when it hatches. Also known as shellcode.

The name comes from a particular buffer-overflow exploit that was co-written by a cracker named eggplant. The variable name ‘egg’ was used to store the payload. The usage spread from people who saw and analyzed the code.