What is a common tool used for vulnerability scanning?

Nessus is widely recognized as a common tool for vulnerability scanning due to its specific design and capabilities tailored towards identifying vulnerabilities in various systems and applications. It functions by scanning networks and hosts to detect potential security weaknesses, such as misconfigurations, outdated software, and compliance violations. Nessus maintains a comprehensive database of known vulnerabilities and continuously updates its plugins to provide an in-depth and current assessment of system security.

The other tools listed serve different purposes. Wireshark is primarily a network protocol analyzer used for capturing and analyzing network traffic rather than focusing on vulnerability assessment. Metasploit is a penetration testing framework that can be utilized to exploit known vulnerabilities but is not solely intended for scanning. Burp Suite is a web application security testing tool that is essential for testing and securing web applications but is also not a dedicated vulnerability scanner. The distinct purpose of Nessus in the domain of vulnerability scanning makes it the most relevant choice among the options provided.