Why was memcpy used instead of strcpy in the test code for shellcode injection?

strcpy stops copying when it encounters a null byte (0x00), which would truncate shellcode containing necessary null bytes (e.g., address pointers). memcpy does not have this limitation, making it more suitable for testing shellcode that may include null bytes. This practical consideration is highlighted in the article's test setup for Windows Shellcode Study Notes - Bypassing DEP via VirtualProtect.