Pentesting skills are built upon skills in Linux and Windows system administration from the command line, networking, some coding usually in Python, knowledge of web applications and web servers, and more. When starting out it can feel bad because you want to learn out pentesting topic X, but then you figure out that you need to go learn at least the basics of fundamental topic A and B first. It’s normal so don’t worry about. Just dig in and enjoy the knowledge journey.
I’ve used Tenable Nessus Professional, and Tenable Security Center and both work well in their categories. Nessus Professional is a portable Nessus scanner a security person can take with them to do adhoc scans. Security Center (aka Tenable.sc) is a vulnerability management solution for an enterprise.
Their competition is Rapid7 and Qualys, but I can’t speak to those myself.