This book considers the problem of automatic generation of exploits for software vulnerabilities. A formal definition will be provided for the term "exploit" in Chapter 2 but, informally, it describes an exploit as a program input that results in the execution of malicious code1. We define malicious code as a sequence of bytes injected by an attacker into the program that subverts the security of the targeted system. This is typically called shellcode. Exploits of this kind often take advantage of programmer errors relating to memory management or variable typing in applications developed in...