Chapter 4 - Methodology

This chapter illustrates vulnerability research methodologies. It also discusses the importance of source code reviews, reverse engineering technologies, and black box testing. In vulnerability research, the resources used to tackle a problem may be code, time, or tools. In some cases, reading the source code may be the simplest way for researchers to determine whether or not there are vulnerabilities; many vulnerabilities are tied to particular language functions or ways of calling external functions. The source code often gives the clearest picture of how this happens in a given program. Another method of determining how a program works, and therefore whether there are holes, is reverse engineering, which may require special tools, such as disassemblers and debuggers. The last method is black box testing. Black box testing permits only the manipulation of the inputs and the viewing of a given system's outputs, without the internals being known. In some cases, black box testing may be the sole method initially available. In other cases, it may be employed to help choose where to focus further efforts.