Dariusz on Software

DHCP command line diagnostics - an alternative to Wireshark
Mon, 17 Dec 2012 09:05:14 +0000

I do prefer small command line utilities over heavy GUI tools and use them whenever possible. The command line offers better post-processing (you can pipe output to other tools) and automation (you can easily script it). A small example of a network scan is below.

For example, sometimes you want to analyze the details of DHCP requests without the overhead of Wireshark (you may be working over SSH without a GUI). A command line tool handles this well. Recently I needed to check the "Vendor class identifier" field sent from a device with a given MAC address (1C:C6:3C:74:B9:47 in our case). It's very easy:

$ sudo dhcpdump -i eth0 -h 1C:C6:3C:74:B9:47 | grep 'Vendor class identifier'
OPTION:  60 ( 25) Vendor class identifier   ABC8776
OPTION:  60 ( 25) Vendor class identifier   ABC8776

"eth0" was my local device used for sniffing network packets.

As you can see, it was very easy (and much faster than typical Wireshark use).
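Building on the one-liner above, this added example (not from the original post) goes one step further and counts each option 60 value per client, which gives a quick inventory of device types announcing themselves on the segment. It assumes dhcpdump prints a `CHADDR:` line before each packet's `OPTION:` lines; the sample dump, the second MAC address and its vendor class are constructed.

```shell
#!/bin/sh
# Added example: count each option 60 value per client in dhcpdump text output.
# Assumption: every packet block prints "CHADDR:" before its "OPTION:" lines.
# Typical use on a saved capture:  vendor_classes < dhcp.txt

vendor_classes() {
    awk '
        # Client hardware address: keep the first 6 octets (17 characters),
        # lower-cased so the same device always maps to the same key.
        $1 == "CHADDR:" { mac = tolower(substr($2, 1, 17)); next }

        # Option 60 line, in the format shown in the post.
        $1 == "OPTION:" && $2 == "60" {
            val = $0
            sub(/^.*Vendor class identifier[ \t]*/, "", val)
            if (mac == "") mac = "unknown"
            count[mac "\t" val]++
        }

        END { for (k in count) printf "%s\t%d\n", k, count[k] }
    ' | LC_ALL=C sort
}

# Constructed sample (not a real capture): two clients, one seen twice.
sample_dump() {
    cat <<'EOF'
CHADDR: 1c:c6:3c:74:b9:47:00:00:00:00:00:00:00:00:00:00
OPTION:  53 (  1) DHCP message type         1 (DHCPDISCOVER)
OPTION:  60 (  7) Vendor class identifier   ABC8776
CHADDR: 02:00:00:00:00:01:00:00:00:00:00:00:00:00:00:00
OPTION:  60 ( 17) Vendor class identifier   EXAMPLE-PHONE 1.0
CHADDR: 1c:c6:3c:74:b9:47:00:00:00:00:00:00:00:00:00:00
OPTION:  53 (  1) DHCP message type         3 (DHCPREQUEST)
OPTION:  60 (  7) Vendor class identifier   ABC8776
EOF
}

sample_dump | vendor_classes
```

The output is one tab-separated line per (MAC, vendor class) pair with the number of packets seen, so a device that suddenly reports a different class shows up as a second line for the same MAC.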

Tags: networking.
