What are code caves and why are they important for backdooring EXE files with BDF?
Code caves are runs of unused (typically null-padded) bytes inside a PE file's sections, such as .data or .rdata, that can be overwritten with shellcode without disturbing the program's original code or data. The Backdoor Factory (BDF) scans for caves large enough to hold its payload so that it can inject without growing the file. Because caves often sit in sections that are not executable, BDF then has to change the section's characteristics to add execute rights, leaving the section readable, writable and executable (RWE), as detailed in the original article.
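The permission change described above is also the artifact a defender can look for: a data section that carries the execute flag, or a large run of trailing null bytes in a section that was not built that way. The following audit script is an added example written for this page, not BDF's own code; it parses the COFF and section headers with the standard library only, flags sections that are readable, writable and executable at once, and reports each section's trailing null-byte slack. The sample PE it checks is constructed inline and is not a real binary.

```python
import struct

# Section characteristic flags from the PE/COFF specification
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
RWE = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE

# Section names that normally hold data and should never be executable
DATA_SECTION_NAMES = {".data", ".rdata", ".idata", ".bss"}


def parse_sections(pe_bytes):
    """Return the section table of a PE image as a list of dicts."""
    # e_lfanew (offset 0x3C in the DOS header) points at the "PE\0\0" signature
    e_lfanew = struct.unpack_from("<I", pe_bytes, 0x3C)[0]
    if pe_bytes[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    coff = e_lfanew + 4
    # COFF file header: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, num_sections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", pe_bytes, coff)
    table = coff + 20 + opt_size  # section headers follow the optional header
    sections = []
    for i in range(num_sections):
        (name, vsize, vaddr, raw_size, raw_ptr,
         _, _, _, _, chars) = struct.unpack_from("<8sIIIIIIHHI", pe_bytes, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "virtual_address": vaddr,
            "raw_size": raw_size, "raw_ptr": raw_ptr, "characteristics": chars,
        })
    return sections


def audit(pe_bytes):
    """Flag RWE sections and measure trailing null-byte slack per section.

    Returns {section_name: {"rwe": bool, "data_section_executable": bool,
                            "cave_bytes": int}}.
    """
    findings = {}
    for s in parse_sections(pe_bytes):
        raw = pe_bytes[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]]
        cave = len(raw) - len(raw.rstrip(b"\0"))  # trailing zero padding
        chars = s["characteristics"]
        findings[s["name"]] = {
            "rwe": (chars & RWE) == RWE,
            "data_section_executable": s["name"] in DATA_SECTION_NAMES
                                       and bool(chars & IMAGE_SCN_MEM_EXECUTE),
            "cave_bytes": cave,
        }
    return findings


def build_sample_pe():
    """Constructed minimal PE (assumption: not a runnable binary) with a
    normal .text section and a .data section that has been marked RWE and
    carries 256 bytes of trailing null padding."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)          # e_lfanew -> 0x40
    opt_size = 0xE0                                  # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, opt_size, 0x0102)
    optional = bytes(opt_size)                       # zero-filled placeholder

    def section(name, vsize, vaddr, raw_size, raw_ptr, chars):
        return struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, raw_size, raw_ptr,
                           0, 0, 0, 0, chars)

    text = section(b".text", 0x200, 0x1000, 0x200, 0x200,
                   0x00000020 | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ)
    data = section(b".data", 0x200, 0x2000, 0x200, 0x400, 0x00000040 | RWE)
    image = bytearray(0x600)
    headers = bytes(dos) + b"PE\0\0" + coff + optional + text + data
    image[:len(headers)] = headers
    image[0x200:0x400] = b"\xCC" * 0x200             # .text fully used
    image[0x400:0x500] = b"\x41" * 0x100             # .data half used, half cave
    return bytes(image)


if __name__ == "__main__":
    for name, f in audit(build_sample_pe()).items():
        print(f"{name:8} rwe={f['rwe']} data_exec={f['data_section_executable']} "
              f"cave={f['cave_bytes']} bytes")
```

On a real file, replace `build_sample_pe()` with the bytes read from disk; an RWE data section or a data section with the execute bit is a strong indicator that section characteristics were rewritten after linking, while the cave size alone is only context, since linkers pad sections to file alignment by design.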
Tags: code caves, PE sections, shellcode, Backdoor Factory, RWE permissions