You are performing a penetration test on a web application that requires testing for Cross-Site Scripting (XSS) vulnerabilities. You need to select a tool that allows for both automated scanning and the ability to intercept and modify HTTP requests in real-time to test for reflected XSS. Which tool would be the best fit for this specific requirement?
Nikto
OWASP ZAP
Gobuster
Burp Suite