How can I execute C# code during XSLT transformation and use it for shellcode execution?

XSLT files can contain embedded C# code inside `<msxsl:script>` blocks, which executes during XML transformation by .NET's XslCompiledTransform. This allows arbitrary code execution, including shellcode when combined with techniques like using VirtualAlloc to bypass DEP. The article's POC demonstrates launching calc.exe via an XSLT file. For more, refer to Study Notes Weekly No.4.