Introduction
In this chap, we'll allow automated tools to do the same thing(chap 7) for us
Without understanding how to gather the application and OS version information yourself, you cannot accurately understand how automated tools gather the same information
if we want to call ourselves professionals, that we cannot simply allow our tools to do our work for us
four steps
Find proof of concept code/tool
Test proof of concept code/tool
testing the exploit against a test server first
we really cannot know what will happen when we launch the exploit, unless we examine the code first, or test it within a test environment
an exploit can have different results, including crashing the target and losing all data and functionality