Graph-Based Binary Analysis


Presented at BlackHatWindows 2003 by

Though many servers run open-source software these days, much of the critical infrastructure still consists of commercial closed-source products: from IDS sensors and VPN gateways to enterprise database servers and large firewalls, closed source is everywhere. An attacker who is proficient at reverse engineering can, given enough time, find bugs in these critical programs and then attack the network with undisclosed bugs, which is every administrator's nightmare. Binary analysis is a time-consuming and tedious process, and few people outside of government agencies are proficient at it. Even fewer people realize that a large part of the analysis process can be automated, and that binary analysis can at times approach the speed of source code analysis. This presentation will explain concepts and tools that can drastically improve the performance of a reverse engineer looking for security-critical vulnerabilities such as buffer overruns. Various ideas and their implementation will be discussed, from graph coloring driven by an interface to a running debugger to the analysis of flowgraphs to automatically find buffer overruns. The tools and methodologies presented will be tested 'in the wild' by running them over a few major commercial software packages.
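The abstract names two ideas without spelling out how they fit together: coloring a flowgraph with what a debugger saw, and scanning the flowgraph for buffer overruns. The following toy, added here as an illustration and not code from the talk or its tools, shows one way the two combine. It assumes a control-flow graph already recovered by a disassembler (the block addresses, successors and callee names below are constructed, not taken from any real binary), a list of breakpoint addresses reported by a debugger during one benign run (also constructed), and a fixed set of unbounded copy routines as the "interesting" callees. Blocks are colored hit or miss from the trace; every block calling an unbounded copy routine is then reported with its path from the entry block and the first block on that path the benign run never reached, i.e. where a crafted input would have to diverge. Calls the trace did not exercise sort first, since the benign run says nothing about them.

```python
"""Toy graph-based binary analysis: color a control-flow graph with debugger
coverage, then rank calls to unbounded copy routines by whether the covered
run reached them. Added illustration; graph, trace and routine set are
constructed assumptions, not data from a real binary."""
from collections import deque

# Constructed sample CFG of one hypothetical function, keyed by block start
# address: successors plus the callee names a disassembler would resolve.
CFG = {
    0x401000: {"succ": [0x401010, 0x401030], "calls": []},
    0x401010: {"succ": [0x401050], "calls": ["strlen"]},
    0x401030: {"succ": [0x401040, 0x401050], "calls": []},
    0x401040: {"succ": [0x401050], "calls": ["strcpy"]},   # unbounded copy
    0x401050: {"succ": [0x401060], "calls": []},
    0x401060: {"succ": [], "calls": ["sprintf"]},           # unbounded format
}
ENTRY = 0x401000

# Constructed debugger trace: breakpoint hits from one benign input.
TRACE = [0x401000, 0x401010, 0x401050, 0x401060]

# Assumed set of routines whose callers deserve a look for buffer overruns.
UNBOUNDED_COPY = {"strcpy", "strcat", "sprintf", "gets"}


def colour_graph(cfg, trace):
    """Map each block to 'hit' if the trace executed it, else 'miss'."""
    hit = set(trace)
    return {b: ("hit" if b in hit else "miss") for b in cfg}


def shortest_paths(cfg, entry):
    """BFS from entry; returns {block: first-discovered path from entry}."""
    paths = {entry: [entry]}
    queue = deque([entry])
    while queue:
        cur = queue.popleft()
        for nxt in cfg[cur]["succ"]:
            if nxt not in paths:
                paths[nxt] = paths[cur] + [nxt]
                queue.append(nxt)
    return paths


def find_candidates(cfg, entry, trace):
    """Return blocks that call an unbounded copy routine, each with its path
    from entry, whether the trace exercised the call, and the first block on
    the path the trace missed (None if the whole path was covered)."""
    colours = colour_graph(cfg, trace)
    paths = shortest_paths(cfg, entry)
    results = []
    for block, info in cfg.items():
        risky = [c for c in info["calls"] if c in UNBOUNDED_COPY]
        if not risky or block not in paths:   # skip unreachable blocks
            continue
        path = paths[block]
        uncovered = [b for b in path if colours[b] == "miss"]
        results.append({
            "block": block,
            "calls": risky,
            "covered": colours[block] == "hit",
            "path": path,
            "first_uncovered": uncovered[0] if uncovered else None,
        })
    # Unexercised calls first: the benign run tells us nothing about them.
    results.sort(key=lambda r: (r["covered"], r["block"]))
    return results


def format_report(results):
    """One human-readable line per candidate block."""
    lines = []
    for r in results:
        status = "exercised" if r["covered"] else "NOT exercised"
        line = "0x%x calls %s (%s)" % (r["block"], ",".join(r["calls"]), status)
        if r["first_uncovered"] is not None:
            line += "; trace diverges at 0x%x" % r["first_uncovered"]
        lines.append(line)
    return lines


if __name__ == "__main__":
    for line in format_report(find_candidates(CFG, ENTRY, TRACE)):
        print(line)
```

On the constructed input the strcpy block at 0x401040 is reported as not exercised, with the trace diverging at 0x401030, while the sprintf call at 0x401060 was reached by the benign run. In practice the graph would come from a disassembler and the trace from a debugger breakpoint script; the graph walk and coloring stay the same.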