The Top Five
Metasploit - Metasploit is an open source platform for developing and testing exploits. It's available for both Unix and Windows systems. This is a far more advanced tool than the others on this list, and requires more programming knowledge to run and use. The advantage is that a specific exploit can be fully demonstrated to exist, rather than noted as a potential vulnerability. This platform runs payloads, shellcode, and remote shells--you will actually penetrate the target. Servers can and will crash!
Nessus - Tenable Network Security offers Nessus as a free scanner for non-commercial use, with a subscription license required for commercial organizations. Nessus has long been my favorite vulnerability scanner, due to its speed, accuracy, and depth. Large vulnerability libraries can mean long scan times. Currently there are over 28K plugins available, with automatic updates possible for new plugins. Nessus 4 is one of the fastest scanners I've used.
Nikto - Nikto is an open source web server security scanning tool. Currently at version 2.03, it can scan for over 3500 potential vulnerabilities, with the option for custom scans by classes of vulnerability. Logical, customizable testing options, host selection from nmap output, and other features make this a great tool.
Nmap - Nmap is my Swiss Army Knife for network scanning, port mapping, and OS & application discovery. Somehow it's both the simplest and most flexible tool in my arsenal. Whether you want to find and identify every host on a large network, or port map and discover every application running on a single host, nmap excels.
Wireshark - Wireshark is my replacement for Ethereal when sniffing and capturing network traffic and examining protocols and sessions in depth. Whether you need to capture wireless ethernet traffic, or examine (and even decrypt) specific protocols in depth, this is an indispensable tool. Wireshark runs on many platforms, and supports many capture file formats.