Which tool is commonly used for network vulnerability scanning?

Nessus is a widely recognized tool specifically designed for network vulnerability scanning. It helps security professionals identify potential vulnerabilities within their network environments by scanning hosts for known issues, misconfigurations, and missing patches. Nessus utilizes a comprehensive database of Common Vulnerabilities and Exposures (CVEs) to provide detailed reports on findings, making it an essential part of vulnerability management practices.

The other tools listed serve different purposes: Wireshark is primarily a network protocol analyzer that captures and displays packets traveling through the network, allowing users to diagnose issues and analyze traffic in real-time. Metasploit is a penetration testing framework used to develop and execute exploit code against a remote target. While it can test for vulnerabilities, its primary function is not to perform vulnerability scans. Snort is an intrusion detection system (IDS) that monitors network traffic for suspicious activity but is not specifically designed for vulnerability scanning. Hence, Nessus stands out as the correct choice for this purpose.