How can I check which privileges my current Windows user has, and which of those are exploitable for privilege escalation?

Use the `whoami /priv` command to list all privileges and their enabled or disabled status. According to Penetration Techniques - Exploitation of Nine Windows Privileges, nine privileges are particularly exploitable: SeImpersonatePrivilege, SeAssignPrimaryPrivilege, SeTcbPrivilege, SeBackupPrivilege, SeRestorePrivilege, SeCreateTokenPrivilege, SeLoadDriverPrivilege, SeTakeOwnershipPrivilege, and SeDebugPrivilege. Users like IIS or SQL Server often have SeImpersonate and SeAssignPrimary, while backup accounts may have SeBackup and SeRestore.