Assessment tomorrow, trying to foresight the test

Fellow H4x0rs! As title says, tomorrow i will have an assessment for a pentester position.
This corporate has its own DVWA which i am supposed to test and write a report.
Based on my performace, they will define my seniority.
I am supposed to find at least 3 vulnerabilities to pass the test and have 48 hrs.
I really want to perform well and beside studying i am trying to guess which vulns i should hunt for. My plan for now, would be finding the XSS (also a reflected one to get two points?), and the SQLi, which i suppose will be there almost certainly. What other vulns should i prepare for (inb4 OWASP top10)?
Can you report on similar assessments and share your experience?

Thanks in advance for your time!

My three cents:
-Install DVWA on a VM (or in docker) before your exam begins and start practicing. This will help to understand what vanilla vulns are already built into DVWA, as the hiring party will probably throw their own custom stuff in there. Knowing whats vanilla will help you find what isnt, and hopefully impress them with your l33t skilz.
-They are probably more concerned about your writing skills, in regards to the executive summary and vuln report, than you actually finding all their tricks and vulns. Make a valiant effort in finding as many vulns and issues as you can, but spend a lot of time on polishing your report. Make sure there are zero spelling, grammatical, or syntactic errors. “Barney style” how you implemented your exploits. The report is usually the most important part of any kind of op, as its how everyone gets paid and continues to get paid. Plus, the final report is how you get the C Suite mouth breathers to shell out $$$ to fix the broken stuff you find. :stuck_out_tongue:
-They will most likely be more impressed with you if you steer clear of MSF. MSF is a great and handy tool, but a lot of folks lean on it exclusively. Use it for enums and basic stuff, but show your mettle and implement the actual exploits by hand if possible. This will hopefully impress them more than pressing buttons to make MSF do-the-thing.

Grain of salt and all that though. Good luck and I wish you the best!

Luckily, filing the report is one of my best skills! Thank you for the advices, gonna remember them while taking the assessment!
Thanks for your time