The answer would be metasploit as it has tools for both scanning and exploiting a system. Sub7 is a program used only for creating trojan horse exploits, nmap uses scanning techniques to create a map of a network and nessus uses scans to detect vulnerabilities in a system. Metasploit is the only piece of software that has the functionality to do both.
