I’m reading a white hat hacking book from a famous certification. They say the methodology for hacking a web server is:
- information gathering (domain name, DNS, IP, etc.)
- footprinting (e.g., banner grabbing)
- website mirroring
- vulnerability scanning
- session hijacking
- password cracking
Apart from session hijacking and information gathering, I don’t see why I would not just launch Acunetix Web App Scanner and/or Nessus to find all weaknesses.
What is the point of performing manual tests if you can automate them?
For instance, if the vulnerability scanner does not know how to find vulnerable cookies, and if I manually find a way to do session hijacking, I won’t be able to train Acunetix or Nessus for that. Even if I did, I don’t know how beneficial it would be.
Please explain to me why I would not just let my tool do the hacking for me.