Reverse engineering is one of those topics that when discussed few people have anything to add to it. Why? Well simply because it is such a high-end, and niche skill that not too many people practice it. There are a lot of programmers out there, but that said not too many of them debug their code with IDA Pro, SoftICE, or Ollydbg. In other words I don't think there are a ton of programmers out there who have a good familiarity with Assembly. I for one don't consider myself a programmer for I am not. When time permits I continue to attempt furthering my skills in it, which are lame at best in my opinion. But back to revese engineering for a minute. Bruce Potter I think hit it on the head in an interview he did for Security-Forums when he said he knows people who can rev-eng but not necessarily program the exploit for the bug that may be found. A very astute observation I would say. Any of you have any thoughts on this? Oh yes! I almost forgot. The guys over at Metasploit (skape) are working on an automated reverse engineering tool that would automate certain things that you would normally have to do by hand. Looking forward to seeing the tool once Skape has time to finish working on it. For all those of you who do use the Metasploit Framework you may wish to send the crew down there a buck, or two to help them out. The money goes towards the project, and perhaps some pizza and beer. Every dollar helps!