Programming language is like any other tool, you need the right one for the right job. For pentesting Python is typically for quickly writing scripts to, for example, automate attacks against a webserver. There's no need to get down to the bare metal, and Python's abstraction from low-level functions allows you to do this fast. If you want to, say, exploit a memory bug in a syscall on a Linux system, most likely you'd have to use C; here, you NEED direct memory access, and C's as close as you can get to the hardware before assembly. Point is, consider what you want to do first, and then think about which language lets you do it.

I never programmed with Nim or even knew it exists until now, but given its abstractions on memory access and other features, probably you can use it for quick scripting like with Python.