Burp Suite's passive scanner works by merely evaluating traffic that passes between the browser and any remote server with which it is communicating. This can be useful for identifying some easily noticeable vulnerabilities, but is not sufficient to validate many of the more critical vulnerabilities that exist on web servers these days. The active scanner works by sending a series of probes to parameters that are identified in the request. These probes can be used to identify many common web application vulnerabilities, such as directory traversal, cross-site scripting, and SQL injection.