I think it does a pretty good job at web app pen testing, but have found that Paros, w3af, and others find some vulnerabilities/items of interest that it doesn't. I also find that Wikto finds directories that Core doesn't.
An external network pen test is OK, but haven't found another tool better. Some of the OS fingerprinting is a little off and sometimes it cannot detect one at all.
Client-side is really good and have found a TON of corporate emails that I can use to leverage an attack.
One thing I find in an internal test is that Symantec Endpoint Protection goes berserk on the host that I am testing against. I guess that is a good thing though, but not for for me when I am testing.
Just was wondering what everyone else's opinion was.
Former U.S. Marine and damn proud of it!