Core Impact 2017 R1 and Metasploit Pro are tools used to create multi-staged, real-world attacks to test enterprise security defenses. Both solutions have a large following, but there are several areas in which they are different that dramatically increase a pen-tester's ability to do their job.
If you're developing mobile websites or native apps, you'd better take a closer look at the fine print. Some APIs, including one from Amazon, specifically exclude mobile applications. And there's not much explanation--or logic--behind the exclusions.