i would like to understand DOS (denial-of-service) attacks better and I would like to know what my options are for learning about it with an example.

i have a basic express server.

app.get('/ping', (req, res) => {
  res.send({ pong: 'pong', time: new Date().valueOf(), memory: process.memoryUsage()})
})

I will separately create some javascript code that with make multiple requests to the server. but I don't know to devise strategies to try and bring down the server (consider that this is all running on localhost)

I want to see what the upper limit of making requests is possible when locally testing this. i am experiencing what is described here: Sending thousands of fetch requests crashes the browser. Out of memory

... the suggestions on that thread are more along the lines of "browser running out of memory" and that I should "throttle requests".... but I am actively trying to max out the requests the browser can make without crashing. so far my observations are that the server does not have any difficulty. (so maybe I should also make requests from my phone and tablet?)

the code have run on the browser isn't much more than:

    const makeRequestAndAlogTime = () => {
    const startTime = new Date().valueOf();
    fetch('http://localhost:4000/ping')
      .then(async (response) => {
        const { time, memory } = await response.json();
        console.log({
          startTime: 0,
          processTime: time - startTime,
          endTime: new Date().valueOf() - startTime,
          serverMemory: memory,
          browserMemory: performance['memory']
        })
      })
  }

    for(let x = 0; x < 100; x++) {
      makeRequestAndAlogTime()
    }

but depending on what value I put in for the number of times to go through the for loop, performance is slower and eventually crashes (as expected)... but I want to know if there is a way I could automate determining the upper limit of requests that I can make on my browsers?