Windows

use post/windows/gather/win_privs
# Enumerates the current user's privileges on a Windows system.

use post/windows/gather/enum_logged_on_users
# Lists all users currently logged into the compromised Windows machine.

use post/windows/gather/checkvm
# Detects whether the target system is running inside a virtual machine.

use post/windows/gather/enum_applications
# Retrieves a list of installed applications on the target Windows machine.

use post/windows/gather/enum_computers
# Enumerates computers in the compromised system’s domain or network.

use post/windows/gather/enum_shares
# Lists shared folders and resources available on the target machine.