Net Square's team has published many whitepapers and some of the popular whitepapers are mentioned in the below link.
One-Way Web Hacking – HTTP Based One Way Web Hacking Technique
Mr. Saumil Shah (C.E.O of Net-Square) has authored a book 'Web Hacking Attacks and Defence'
wsChess - Toolkit for Web Services Assessments and Defense
nstools - Security ToolKit from NetSquare
MSNPawn -Web application Footprinting, Profiling & Assessment tool using MSN Search web APIs
One of our security tools released is httprint, a web server fingerprinting tool. httprint relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask.Click here for more details
The datapipe_http program essentially, software based on datapipe port redirector originally written by Todd Vierling in 1995, opens up a connection with the HTTP proxy server and uses the CONNECT server: port HTTP/1.0 technique to open a plain bi-directional TCP connection to the destination server. The TCP connection is then handed off to the program that connects to the incoming datapipe listener port.Click here for more details
A set of tools written C# for the .Net platform. This is a prototype, released as a beta with limited support at this point.It has the following tools.
wsPawn - Web services footprinting, discovery, search & domain footprinting tools. If you are looking for registered web services and their access points, this tool will help you in retrieving information from public UDDI.
wsKnight - Web services profiling, proxy and audit tool. This tool helps in profiling web services from its WSDL. It also allows you to invoke methods and intercept them before they go on the wire to the target so that you can manipulate the SOAP envelope if needed. The auto audit feature allows you to inject characters and attack strings for assessment work.
wsRook - This is a very simple technology demonstration for developers. This is a regular expression-based defense for web services input content. This is a hook in HTTP pipe using the HttpModule interface.Click here for more details
As part of this security toolkit, the following are the software tools that can be used on the Microsoft Windows platform to perform various security-related activities.
The command shell is a method of directly communicating with a remote system via an instruction, or command line interface. Existing remote command execution tools besides being difficult to set up, require client software to be installed on the remote systems that you wish to access.netexec allows you to execute a command on a remote machine without physically logging in to that machine. Full interactivity for console applications is provided. No client software installation is required. read more...Click here for more details
The execution of a command is known as a process. All multi-user operating systems have to run more than one process at the same time. netps is a Unix-like process listing command ps, from Net-Square, that provides you with detailed information about active processes. Netps is part of the Net-Square suite of tools and will work on the Windows family of products. read more...Click here for more details
The ability to determine which processes own which ports on your system. Existing Port-to-process mapping tools besides being difficult to set up, require client software to be installed on the remote systems that you wish to access. There are many times you'll look at the results of a port-to-process mapper and wish to know the command-line arguments a particular process has been started with. Surprisingly, none of the available port-to-process mappers provide this capability. The only netport allows you to determine the command line arguments of each process. NetPort also allows you to take MD5 hashes of the running processes.Click here for more details
Services in MS-Windows™ impact the functioning of a system. With a default installation of MS-Windows™, many unnecessary services are installed and are automatically enabled at startup. It is a tedious job for administrators to stop or uninstall unnecessary services on each individual computer. net service allows you to manage installed services on local and remote machines without physically logging in to the machine. This tool helps system administrators in performing housekeeping tasks and security auditors in checking the services running on remote systems when direct access is not always possible.Click here for more details
XML is now the most acceptable format for data representation as it provides an efficient and structured method to handle data. But when this data has to be presented as a report, a pure XML file is insufficient. A better way to represent data is by using HTML. To convert the XML data file to an HTML document, XSLT is used. netxslt helps you to convert XML into HTML with the help of the corresponding XSL.Click here for more details
MSNPawn has been designed and developed on the .Net framework and must be installed on the system. It is web application Footprinting, Profiling & Assessment tool using MSN Search web APIs. It has utilities like MSNHostFP, MSNDomainFP, MSNCrossDomainFP, MSNCrawler, MSNFetch, Search.MSN. A whitepaper is included for better understanding for all these utilities.Click here for more details