Become our author

Can I submit an article for hakin9?
Of course, you can. hakin9 magazine is open to all external submissions, independent on who you are. All that counts is what you know and how well are you able to explain it to others. See below for more information.

Please read information for authors to find out more.


What kind of articles does hakin9 look for?
The mission of hakin9 is theory through practice. All our articles are prepared with that in mind, and so should yours be.

If you're wondering what theory through practice means, try to adhese to the following rules:

• Do not try to write a man page. Man pages are examples of... theory through theory. Have you ever tried to use a completely new application straight by looking at the man page? How long did it take you to reach information on how to use the tool in practice, going through various option descriptions etc.? Well, this is not what our readers want.
• Do not try to write an RFC. RFCs are also good examples of theory through theory.
• Do not try to write a program with comments. Programs with comments (even though they are better than the ones without comments...) are examples of practice through practice. Too little theoretical background is often available in the comments for the user to understand exactly what the program does.
• Our articles can be compared best to tutorials or howtos. These are examples of theory through practice.

So, a good article for hakin9 should fulfill the following expectations:

• Be based on a practical, working example . Say, you'd like to explain how buffer overflow works in hakin9 (it has been explained already, so treat this only as an example). Start by a simple example of a vulnerable program, three-four lines. Then show step by step what happens when you overflow the buffer. Use diagrams, use snippets of code, use memory dumps. Use everything you need to show the reader exactly what happens on every stage. If you need to go off into theory, use an inset (a box on the side) to explain some ideas, so that the reader doesn't wonder off with his thoughts. Finally, find a program with a buffer overflow (eg. on bugtraq) and show that the same thing can be applied to this program, step by step.
• If your article is to be more general, about some technology and its weaknesses for example, remember to:
  • first describe the vulnerability,
  • then show how it can be used in practice
  • then discuss who can use this vulnerability (eg. a local user, a remote user from the internal network, a remote user from an external network etc.)
  • then discuss what consequences might this vulnerability have (eg. a DoS, leak of confidential data, loss of data, software failure etc.)
  • finally show how one can protect against it.
  This will guarantee your article will be as complete as possible. You can of course iterate this process for every technique or every vulnerability for a given technology.
• If you'd like to write about some strategies, standards, more business-related issues, this is also a good subject for hakin9, but it has to be approached also through practice. So if you'd like to write about an ISO norm for example, make sure you don't just copy the official documentation (even using your own words), but you describe an example implementation, step by step. What has to be done, how to do it, what are the risks associated with every step and what are your practical experiences with every step (we assume that if you'd like to write about something like that, you do have practical experiences).

If you're still wondering if your approach is right, feel free to contact us and just ask. We don't bite! We're here to help you prepare the best article there can be, because then both our readers are content, and you are content because you receive the highest praises for it.

What subjects are of interest to hakin9 readers?
Well, the subject scope in general is IT security seen from the practical point of view. This encompasses:

• hacking techniques,
• security aspects of IT technologies,
• programming security-related applications,
• penetration testing techniques,
• forensic analysis techniques,
• security management and strategies – practical examples,
• the edges of hacking – reality hacking, interesting projects, new concepts and ideas.

and more.


Here are the subject scopes which the editorial team and our readers would like to read about:

• browser hijacking, XSS attacks, web application security aspects,
• session ID poisoning techniques (hijacking user accounts),
• security aspects of various multimedia-connectivity technologies and protocols (such as recent bugs in Skype),
• vulnerabilities of various network protocols (eg. Windows networking protocols, AppleTalk etc.),
• security of legacy technologies (eg. Lotus Notes, Novell NetWare etc.),
• writing secure code – a practical HOWTO,
• various techniques used in penetration testing,
• techniques of protection against zero-day exploits,
• security of mobile phones (phones themselves, their OS, not the networks),
• methods used by intruders to make forensic analysis difficult,
• techniques used by dialers to hijack connections and hide in the system,
• smartcard hacking and protection,
• dongle (hardware key) hacking and protection,

These are just some suggestions. If you specialise in something you'd like to write about, just contact us and we'll tell you whether your subject matter is good for hakin9, and if so, how to approach it.


What articles we are not interested in:

• cracking articles; hakin9 is not a magazine for crackers, we do not and will not either suggest or support any activities breaking the law,
• script-kiddie articles such as how to use a tool to break into your neighbour's Windows; hakin9 is not a magazine for script-kiddies, we don't want to show just how to use a tool, we want to explain how it works from the grounds up,
• articles about techniques that were talked about many times such as buffer overflows; this has been written about so many times, that it's boring for our readers, of course if new interesting techniques, much different from the ones used before are found, it's a good subject for an article for hakin9,
• articles about things which are obvious; we do remind the readers about obvious things, but it has to be complementary to something new and innovative.

What language should the article be submitted in?
You can use any of the languages our magazine is published in. However, each version of the magazine is managed by different staff, so for the English version write in English. Your article will of course probably be translated into all other languages, but until it's ready, you'll be communicating only with the staff of the version you have chosen to write for.

If you're worried about your English not being good enough, don't worry. What matters most is that you're a specialist in your field. We have people who will "beautify" your English and make it suitable for all readers. There are many people who know English well, but there are not many people who can write about the things you can write about. Remember that.
Ok, I want to write. How do I start?
Just write us an e-mail (at en@hakin9.org).

The first step will be for you to propose a subject you specialise in and you'd like to write about. You don't have to be the top specialist in the world in that subject (although it's nice if you are). If you are a student and you have an interesting idea, you can write about it just as well as if you were the top specialist in IT security in world's largest IT company. What matters is the quality of the article, its completness, corectness, ease of reading, how interesting it is etc.

When we agree on the subject matter (we have to talk first to see whether this subject has been written about in the past, whether it's interesting for our readers etc.), then comes the article plan. We'll help you prepare one if you need us to. The plan is to show the article structure and the approach to the subject matter. A good detailed plan is the best way to see what the final article will look like, and a great help for you to write the article afterwards.

When the plan is agreed and accepted, you can start to write the article. When it's complete, it will be read by our editorial team and you will receive comments and suggestions as to possible changes. Then it will also be sent to our betatesting team, which might give you more suggestions on how to change or expand the article. When this is complete, the article will be published and most probably translated to other languages and published in other hakin9 editions.

 > Programming

  ^ Programming

   »   Database programming
   »   OCaml
   »   Programming in generall
   »   Mobile programming
   »   Object-oriented Technics
   »   XML
   »   J2EE
   »   PHP
   »   Java
   »   Delphi
   »   C#
   »   C/C++
   »   Shellcode

 > Programming Techniques

  ^ Programming Techniques

   »   TDD
   »   Unit Testing
   »   Domain-Specific Modeling
   »   Frameworks

 > Operating Systems

  ^ Operating Systems

   »   Windows
   »   Linux
   »   FreeBSD
   »   Unix

 > Departments

  ^ Departments

   »   Interview
   »   Tutorials
   »   Artificial intelligence
   »   Portable GUI
   »   Reverse Engineering
   »   Programming Tools
   »   Software Engineering
   »   Workshop
   »   Library of the Month
   »   Column
   »   High quality and
secure programming
   »   Security Tools

 > Security

  ^ Security

   »   Sniffing
   »   Exploits
   »   SQL injections
   »   VoIP
   »   Bots
   »   Backdoors
   »   Spyware
   »   Firewalls
   »   Rootkits
   »   Networks
   »   DNS
   »   Security
   »   VPN
   »   Exploits
   »   Port knocking
   »   Low-level network security
   »   Format string vulnerabilities

 > Tools

  ^ Tools

   »   Library
   »   IDE
   »   Reporting
   »   Security tools

 > Databases

  ^ Databases

   »   Embedded databases
   »   MySQL
   »   Berkeley DB
   »   SQL Server
   »   Other DB
   »   XML Servers
   »   Oracle
   »   PostgreSQL
   »   Generall

 > Linux/Unix

  ^ Linux/Unix

   »   Linux

 > Networks

  ^ Networks

   »   Neural networks
   »   Networks

 > Windows

  ^ Windows

   »   Generall

 > Open Source

  ^ Open Source

 > Internet

  ^ Internet

   »   WWW