You may have already read this article 8 months ago, but since we changed a lot the ROP-related syntax, we’re quite sure that you won’t mind reading an updated version As attackers are moving forwards, so does the defense. Since a couple of years, every decent operating system has non-executable stack, defeating the classic ‘put your shellcode on the stack and execute it’ modus operanti. This is why attackers are now using (among other things) Return Oriented Programming, also known as ROP, to bypass this protection.