Got a shell, now what?

For a better picture, look up and run these tools for general enumeration and for finding misconfigurations or exploits:
LinEnum, linux-smart-enumeration, linuxprivchecker.py

You can enumerate cron jobs using the tool pspy.

Check the kernel version and Google for exploits; check the webserver’s configuration files for creds or SSH keys and the bash_history files for leftover data; and, in general, look for whatever seems out of place or interesting!
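
From the defending side, the same leftovers can be audited and cleaned up ahead of time. The script below is an added example, not part of the original notes; the function names, file-name patterns and regexes are assumptions to adapt per host.

```shell
#!/bin/sh
# Added example (not from the original notes): hardening audit for leftovers.
# The name patterns and regexes below are assumptions; tune them per host.

# report KIND: prefix every path read from stdin with a finding type.
report() {
    while IFS= read -r path; do
        printf '%s\t%s\n' "$1" "$path"
    done
}

# audit_leftovers ROOT: list files under ROOT that group or others can read
# and that hold shell history, private keys, or credential-looking settings.
audit_leftovers() {
    root=$1

    # Shell history (.bash_history, .zsh_history, ...) should be mode 600.
    find "$root" -type f -name '.*_history' \
        \( -perm -040 -o -perm -004 \) 2>/dev/null | report history

    # PEM/OpenSSH private keys must never be group- or world-readable.
    find "$root" -type f \( -perm -040 -o -perm -004 \) \
        -exec grep -l -e '-----BEGIN .*PRIVATE KEY-----' {} + 2>/dev/null |
        report private-key

    # Web/app config files carrying secrets in the clear.
    find "$root" -type f \
        \( -name '*.conf' -o -name '*.ini' -o -name '*.php' -o -name '.env' \) \
        \( -perm -040 -o -perm -004 \) \
        -exec grep -Eil '(password|passwd|secret)[[:space:]]*[=:]' {} + \
        2>/dev/null | report credential
}

# Usage: sh audit.sh /home   (run as root so every file can be inspected)
if [ "$#" -gt 0 ]; then
    audit_leftovers "$1"
fi
```

Each finding is a file to tighten to mode 600, move out of reach of the web server account, or replace with a rotated secret.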