This talk will introduce the audience to the nuts and bolts of Android hacking. Patrick and Veytsman will demonstrate how to take apart an Android application and hunt for vulnerabilities. Topics covered include hunting for goodies in files stored on the device, reverse engineering applications, identifying broken crypto implementations and using remote debugging to execute code at will. They will discuss how to apply these techniques in the context of penetration testing and mobile malware analysis. Audience members are expected to be generally familiar with Android devices and Java.