System services represent one of the core components in Android, implementing many fundamental Android features such as media playback, graphics or network connectivity. The fact that the large majority of system services exposes a remote interface that can be called by other unprivileged applications or services makes them an excellent attack vector. From a system security perspective this task makes even more sense since most of the components and processes executed behind each system service run with high or increased privileges. The presentation will focus on a fuzzing approach that can be used for testing system services in Android, providing in-depth information about the implementation of the tools developed to accomplish this task and examples of actual vulnerabilities that were discovered in the latest versions of Android.