This presentation explores the evolving landscape of Android application security testing as artificial intelligence becomes increasingly integrated into mobile devices.

The talk bridges traditional penetration testing methodologies with emerging AI-specific security challenges, providing practitioners with updated frameworks and tools for comprehensive Android security assessments.

The presentation will begin with foundational concepts, covering Android architecture and the basics of mobile penetration testing, before establishing why Android security is critical in today's threat landscape, from market dominance to regulatory pressures.

We will then examine how AI has been integrated across the mobile stack and distinguish between traditional ML risks and emerging LLM-specific vulnerabilities.

We will explore the expanded attack surface, with particular focus on how AI has transformed API security considerations.

Attendees will see how to adapt their pentest methodology using frameworks like the OWASP AI Threat Model, followed by static and dynamic analysis techniques for identifying AI-specific vulnerabilities in Android applications.

By the end of the presentation attendees will have guidance on standards, checklists, and reporting for AI-enabled applications.