- revshell.com
- Winpeas - examine files you have access to
- NTLM Hashes
- grab ssh keys located in C:/users/user/.ssh/id.rsa
- see what permissions you have on files that you find with winpeas here
- Google version numbers of EVERYTHING
- if you find strings/documents, check for base64 and cyberchef magic