Instead of allocating a memory region with full RWX permissions, which might not work in all scenarios and could potentially be seen as malicious by anti-malware protections, by specifying the -Stealth command line switch the Invoke-Shellcode cmdlet will now allocate memory with RW permissions via the VirtualAlloc()/VirtualAllocEx() Windows API functions and then change memory permissions to RX via VirtualProtect()/VirtualProtectEx() after the shellcode has been copied. Of course, this will not work with shellcodes that need RW access to their buffer in memory (e.g. Metasploit Framework Meterpreter).
Instead of allocating a memory region with full RWX permissions, which might not work in all scenarios and could potentially be seen as malicious by anti-malware protections, by specifying the -Stealth command line switch the Invoke-Shellcode cmdlet will now allocate memory with RW permissions via the VirtualAlloc()/VirtualAllocEx() Windows API functions and then change memory permissions to RX via VirtualProtect()/VirtualProtectEx() after the shellcode has been copied. Of course, this will not work with shellcodes that need RW access to their buffer in memory (e.g. Metasploit Framework Meterpreter).