In the last few years, interest for automated exploitation has surged both from academic and industry circles. So far, most research has focused on restricted exploit models where mitigations are disabled or very limited. The purpose of this talk is to define the challenges ahead for security researchers who want to tackle full model exploit generation where modern mitigations are considered. As often, the key to solving such hard problem lies in tackling simpler problems and combining results. We hereby formalize a list of eleven central problems in automated vulnerability discovery and exploitation and discuss strategies to solve them. A few tools are presented to help researchers in this journey.