I am having a console application tested for bugs by a friend. What are some of the things to watch out for? I am not talking about skipping an input when the user presses enter twice, I mean the really nefarious things like someone deliberately entering in an EOF character or a semicolon to see if it breaks something(and I know my friend would do that). What are some more creative ways to destroy a console application?

The ctrl-c command is notorious for closing console applications.
/joke
If you are obssessed with errors, check cin prior to every input. It the eofbit is thrown you know someone tossed in an eof, because that's not common for (unmodified) standard input. (Full input flags system here. http://www.cplusplus.com/reference/iostream/ios/rdstate/)