Reverse engineering vs binary exploitation, or malware analysis, binary software analysis to exploitation development, vulnerability research. It is a very common and widely interrelated concept, some are put together and create the confusion and misunderstanding they refer to the same matters which it is not, just like another confusion for vulnerability assessment and penetration testing. We use this post to explain it clearly, to address most of the typical new user and new to this domain, it may useful for those who are involved in one portion, but no related to other related domain to get the holistic understanding for the difference, and in what context they are being use the term and refer it to be.
When talking about binary reverse engineering, it is about the software analysis domain, or known as binary analysis, depending on the context you refer to it. And reversing is typically related to vulnerability research like malware analysis, who have the typical role in the cybersecurity domain, be it vulnerability researcher, malware and exploit testing and development, who are involved in binary exploit crafting or testing for it. Then the context for binary exploitation comes into the picture.
Exploitation may not be necessary related to reverse engineering, as in the context for the vulnerability research and discovery, and from the vulnerability to craft exploitation, where widely in the field of vulnerability assessment and penetration testing.
As you can see, even so reverse engineer, if the person does not deal with the exploit, or the person may or may not be involved in the exploit testing, malware analysis and malware crafting, those are more for related to exploitation testing and development domain.
Please see the conceptual diagram created to help you draw the understanding and differences, as well as being capable of knowing the context for where they use the term for.
Feel free to engage and contact E-SPIN for your reverse engineering and binary exploitation needs and requirements.
