If you are ready to contribute, follow these guidelines (LIST OF AVAILABLE TOPICS FOR 2012 BELOW):
1 ) Think about the subject matter and the title and send a short outline before you start working on the full article. We want to make sure that the issue you are going to cover fits the profile of the magazine and that no one has covered the subject already.
2 ) The subjects which are most welcome are those concerning practical issues. Do not write about definitions, do not digress too much – the writings have to meet the needs of other pen testers, enterprise security executives and IT security enthusiasts who are looking for real-life solutions and want to observe the market.
3 ) The articles cannot be commercial in character – we are not willing to make the magazine one huge advertisement, quite the opposite. If you want to draw the reader’s attention to a particular product or company, make sure that your judgement towards it is subjective. The writings need to be non-commercial and informational in character.
4 ) If your article is too commercial in character (i.e. you advertise your company’s products/services directly) and you have no wish to change it, we can publish it in our teaser issues, which can be downloaded from our site for free. However, we might decide to charge for it as we would for an advertisement, but – depending on the informational value of the article – the cost might be lowered substantially.
5 ) The length of the article should be around 3000-4000 words (5-6 .doc pages). Feel free to add any graphics or diagrams – their resolution shouldn’t be lower than 150 dpi. A clean, simple .doc file (no fancy font colours, sizes etc.) is most appreciated.
6 ) Try to fit the following sections:
- Point of View (your views on the issues on the market)
- How-To (practical tutorials)
- Beginner’s Guide (for less experienced readers)
- Legal (covering legal issues of ethical hacking)
7 ) Include a short lead (a 2-3 sentence introduction to the article, 60 words maximum) to make the reader want to read it all – but don’t write passages like “this article is about…” etc. Try to make it as attractive as possible.
8 ) If you include graphics, charts, listings etc., make sure to label them appropriately and include clear references to them in the text.
9 ) Don’t forget to write your bio (with an optional photo of yourself) to accompany the article.
10 ) Topics for 2012 in monthly order:
- Social Engineering (Special Issue)
- Security and auditing standard
- Cross Frame Scripting
- Input Validation
- Directory Traversal
- Buffer overflow exploits and countermeasures
- Path Disclosure
- LDAP Injection
- URL manipulation
- Cross-site scripting
- Session Fixation
- Password in Memory
- Penetration Test and Network Security
- Cross-Site Request Forgery
- Cookie Manipulation
- Penetration test and scanning
- PHP Code Injection
- Personnel security awareness levels
- File Inclusion
- Information and data controls
- Code Execution
- Session hijacking
- Arbitrary File manipulation
- Authentication attacks
- Script Source Code Disclosure
List consulted with Aby Rao, CISSP, CISA, ITIL, Security+
Maciej Kozuszek & PenTest team