Well, my thought is technique over tool. Sure, having the right tools is a big help, but more important is how you approach the test. Do you have a methodical way to go about it? Do you vary your methods based on feedback you get when testing? Do you repeat your tests to confirm the vulnerabilities you found? There are lots more questions that I haven't put here...this is what I came up with right away.
That's not really an answer to your question...what you're asking is very open-ended and subjective. You might have a look at pentest-standard.org for further ideas. Many of the authors are well known in the security field.