In this talk we aim at showing how easy it is to reverse engineer an Android application. We show how to perform static analysis on an application. Secondly, we illustrate how applications are attacked dynamically in orde to investigate or alter the program flow of the application. Attendees walk away with tools and information to perform basic pentesting techniques on their own applications. In the static part we will introduce disassemblers and reverse engineering tools to uncover and retrieve the code of Android applications. We show that the structure of the code can be investigated and searched for vulnerabilities. In the dynamic part, we focus on attacking the application while it is running on the device. We attack the app using hooking frameworks, debuggers and MiTM tools.