Features

Dynamic Testing

Static analysis only sees your code. Dynamic testing runs against your live localhost app to catch issues that only appear at runtime.

What it tests

  • Authentication bypass vulnerabilities
  • Exposed admin or internal routes
  • Missing security headers
  • Wildcard CORS misconfigurations
  • Rate limiting gaps
  • Slow endpoints and caching problems

How it works

Start your app locally, then let DeployReady probe it. It sends safe, read-only style requests to evaluate runtime behavior.

terminal
Stage 3: Dynamic Testing (Live Localhost)
  ✓ Auth bypass vulnerabilities
  ✓ Exposed admin routes
  ✓ Missing security headers
  ✓ Wildcard CORS issues
  ✓ Rate limiting gaps
  ✓ Slow endpoints & caching problems

Skip dynamic testing

If your app isn't running or you only want a static pass, disable it with --no-dynamic.

terminal
npx deployready@latest analyze . --no-dynamic

Run against non-production only

Point dynamic testing at a local or staging environment. Never run it against a production system you don't intend to probe.

Dynamic Testing — Overview

Video coming soon

Coming soon.

PreviousSecrets & VulnerabilitiesNextActive Security Testing