- Do you have any access to file shares?
- wwwroot: drop a web shell
- web.config: access to cleartext creds
- backdooring any files with your payload
- Pivot through SQL server with your current credentials or with any SQL scripts you have found
- Internal spear phishing
- Pivot to web and cloud services and try to escalate privileges from there(Azure, exchange etc.)
- Search for any low hanging VNC creds or SSH keys/passwords