On the other hand, Red Gate's Reflector decompiles the code into C#, VB.NET, F#, IL, or MC++. You can then look for malicious code. I mainly look for code accessing classes in the System.IO namespace, System.Web, System.Net, or similar namespaces, because these are the ones that are likely to either mess with existing files or connect to the Internet.
You can use the ILDASM (Intermediate Language Dis-assembler) program that comes with the
Reflector is worth every penny. Besides looking for security problems, I use it all the time to figure out what the Framework is really doing, fix bugs in other people's libraries, sign code that wasn't signed originally, translate VB.NET code to C#, etc. (To translate code, compile it in one language and decompile it with Reflector into the other.)