Recon on a Website Hosted by a Hosting Company
A lot of the websites today are not hosted on someones own little server, but at huge hosting companies like One.com, Hostgator and Godaddy.com. When using, for example, Nmap to scan one of these sites for vulnerabilities, it scans the huge servers, with very little chance of succes as these companies have enough money to add proper security to their servers.
I was wondering how one would still be able to find vulnerabilities in the websites that are most times made by average people (read: people who leave big and probably easy to find holes in their security), but are hosted by those companies.
Anyone who could push me in the right direction on this?