According to Wikipedia code caves
are areas inside a program's file that are not used for code (instructions).
These spaces are usually filled with zeros by the compiler/linker as either
padding or placeholders for future code changes.
The interesting thing about code caves is that they can be used to hide
malicious code or data. To explore that I built caveminer, a tool that list
all code caves found in a Windows binary. This information can later be abused
in different ways (see this old blog post
for some ideas).