An exploit, such as a control flow exploit, allows an attacker to execute arbitrary code on a computer. Typically, an attacker will manually review the code of a software program, identify a vulnerability, or hug, and attempt to exploit that vulnerability. If the vulnerability is exploitable, the attacker will seize control of the software, and any computing device running the software, until the exploit is discovered and removed, and the vulnerability is fixed.
Manual, or somewhat automated, techniques can be suitable for attackers when seeking vulnerabilities, as they only need to find one exploitable bug to be successful in compromising a computing system. However, computer security professionals cannot rely on a manual review of software alone, as they would ideally like to identify and fix any and all exploitable bugs in software before certifying that software as secure. Otherwise, that software could be compromised.