Although denial of service bugs can be difficult to find, the following testing tips can provide ideas to help you find vulnerabilities:
Trying sending lots of data to a feature, starting with a reasonable amount and gradually increasing the amount of data over time to see how the system reacts.
Try repeating the same action over and over while looking at CPU utilization and memory consumption to try to detect any resource leaks.
Change expected data types for an application if possible. For instance, if an application is expecting a numerical value, use alphabetic characters instead.
Look for characters that are filtered, and provide input that contains many of the character that are filtered out.
Try using DOS device names wherever file paths can be specified to see if you can get the application to hang.
Use fuzzing techniques to try to reach different error cases in the application.
Fail to close any connections made to the server to prevent new connections from being made.
Try to exercise all error code paths to see whether any resources arent released.