by mox1 1638 days ago
Uhh yea, this is Running Shellcode 101, works very well. My Red Team stuff at work all starts with a simple loader like this (with some encryption / obfuscation sprinkled in).

When I was first shown this I was like 'What non virus use case does this have!?!?'


Red teamer here too, and this was my exact thought. There are lots of legit uses for DLL injection, but straight up shellcode injection? Shady as hell. So of course it was an AV vendor...

Instrumenting and debugging live processes is the big one.

Which is not an end-user advantage but rather a tool to better understand end-user software - equally useful for improving said software or attacking it. Assuming GP meant "virus" as in "malware", then actually this supports his point.