Become an author

Can I submit an article for hakin9?

Of course you can. hakin9 magazine is open to external submissions. All that counts when submitting a paper is what you know and how well you explain things to others. Please read on for more guidelines.

Please also read the information for authors to find out more.

What kind of articles does hakin9 look for?

The idea of hakin9 is to give the readers theory through practice. All our articles are written with that in mind, and so should be yours.

If you're wondering what theory through practice means, try to follow these rules:

  • Do not try to write a man page. Man pages are examples of... theory through theory. Have you ever tried to use a completely new application just by looking at the man page? How long did it take you to reach the information on how to use the tool in practice, going just through various option descriptions? Well, this is not what our readers want.
  • Do not try to write an RFC. RFCs are also good examples of theory through theory.
  • Do not try to write a program with comments. Programs with comments (even if they are better than the ones without comments...) are examples of practice through practice. Too little theoretical background is often available in the comments for the user to understand exactly what the program does.
  • Our articles are better compared to tutorials or howtos. These are examples of theory through practice!

So, a good article for hakin9 should meet the following demands:

  • Be based on a practical, working example. Say you'd like to explain how a buffer overflow works in hakin9 (it has been explained already, so treat this only as an example). Start with a simple example of a vulnerable program, three or four lines. Then, show step by step what happens when you overflow the buffer. Use diagrams, use snippets of code, use memory dumps. Use everything you need to show the reader exactly what happens at every stage. If you need to go off into theory, use an inset (a box on the side) to explain some ideas, so that the reader's thoughts don't wander off. Finally, find a program with a buffer overflow (e.g. on bugtraq) and show that the same thing can be applied to this program, step by step.
  • If your article is to be more general, about some technology and its weaknesses for example, remember to:
    • first, describe the vulnerability,
    • then show how it can be used in practice,
    • then discuss who can use this vulnerability (e.g. a local user, a remote user from the internal network, a remote user from an external network, etc.),
    • then discuss what consequences this vulnerability might have (e.g. a DoS, leak of confidential data, loss of data, software failure, etc.),
    • finally, show how one can protect against it.
This will guarantee that your article will be as complete as possible. You can of course iterate this process for every technique or every vulnerability for a given technology.
If you'd like to write about strategies, standards or more business-related issues, this is also a good subject for hakin9, but it also has to be approached through practice. So if you'd like to write about an ISO norm, for example, make sure you don't just copy the official documentation (even using your own words), but describe an example implementation, step by step: what has to be done, how to do it, what the risks associated with every step are, and what your practical experiences with every step are (we assume that if you'd like to write about something like that, you do have practical experience).
If you're still wondering if your approach is right, feel free to contact us and just ask. We don't bite! We're here to help you prepare the best article ever.

What subjects are of interest to hakin9 readers?

Well, the subject scope in general is IT security seen from the practical point of view. This encompasses:

  • latest hacking techniques
  • security aspects of IT technologies
  • programming security-related applications
  • penetration testing techniques
  • forensic analysis techniques
  • security management and strategies – practical examples
  • the edges of hacking – reality hacking, interesting projects, new concepts, ideas and more.

Here are the subject scopes which the editorial team and our readers would like to read about:

  • browser hijacking, XSS attacks, web application security aspects
  • session ID poisoning techniques (hijacking user accounts)
  • security aspects of various multimedia-connectivity technologies and protocols (such as recent bugs in Skype)
  • vulnerabilities of various network protocols (e.g. Windows networking protocols, AppleTalk, etc.)
  • security of legacy technologies (e.g. Lotus Notes, Novell NetWare, etc.)
  • writing secure code – a practical HOW-TO
  • various techniques used in penetration testing
  • techniques of protection against zero-day exploits
  • security of mobile phones (phones themselves, their OS, not the networks)
  • methods used by intruders to make forensic analysis difficult
  • techniques used by dialers to hijack connections and hide in the system
  • smartcard hacking and protection
  • dongle (hardware key) hacking and protection


These are just some suggestions. If you specialise in something you'd like to write about, just contact us and we'll tell you whether your proposal is good for hakin9, and if so, how to approach it.

What articles we are not interested in:

  • cracking articles; hakin9 is not a magazine for crackers, and we do not and will not suggest or support any activities that break the law
  • script-kiddie articles such as how to use a tool to break into your neighbour's Windows; hakin9 is not a magazine for script-kiddies, we don't want to show just how to use a tool, we want to explain how it works from the ground up
  • articles about techniques that have already been discussed many times in hakin9
  • articles about things that are obvious; we do remind the readers about obvious things, but it has to be complementary to something new and innovative

What language should the article be submitted in?

We are the English version of hakin9 so we expect articles written in English. Your article might be translated into some other languages, but until it's ready, you'll be communicating only with the staff of the English version.
If you're worried about your English not being good enough, stop worrying. What really matters is that you're a specialist in your field. We have people who will "embellish" your English and make it suitable for all readers. There are many people who know English well, but there are not many people who can write about the things you can write about. Remember that.

Ok, I want to write. How do I start?

Just write us an e-mail (en@hakin9.org).

The first step will be to propose a subject you specialise in and would like to write about. You don't have to be the top specialist in the world in this subject (although it's nice if you are). If you are a student and you have an interesting idea, you can write about it just as well as if you were the top specialist in IT security at the world's largest IT company. What matters is the quality of the article, its completeness, correctness, ease of reading, how interesting and practical it is, etc.

When we agree on the subject (we have to talk first to see whether this subject has been mentioned in the past, whether it's interesting for our readers, etc.), it is time for the article's draft. Its purpose is to show the article's structure and the approach to the topic. A good detailed plan is the best way to see what the final article will look like, and a great help for you when writing the article afterwards.

When the plan is agreed and accepted, you can start to write the article. When it's completed, it will be read by our editorial team and you will receive comments and suggestions regarding possible changes. Then it will also be sent to our betatesting team, which might give you more suggestions on how to change or expand the article. Once the paper is betatested and corrected, it will be published and most probably translated into other languages and published in other hakin9 editions.