Source audit

IF you have the source code you can check out the following links: 
http://www.dwheeler.com/flawfinder/ 
http://www.cigital.com/its4/ 
http://www.securesoftware.com/download_form_rats.htm 
http://www.cs.wisc.edu/~bart/fuzz/fuzz.html (MAYBE?) 
ELSIF YOU ONLY HAVE THE BINARY THEN 
Checkout the blackhat presintations like: 
http://www.blackhat.com/html 
/bh-europe-00/bh-europe-00-speakers.html#HalVar