https://lab.wallarm.com/xxe-that-can-bypass-waf-protection-98f679452ce0/
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XXE%20Injection
https://hackerone.com/reports/347139
https://mohemiv.com/all/evil-xml/
https://github.com/BuffaloWill/oxml_xxe
https://gosecure.github.io/xxe-workshop/#0
https://www.netspi.com/blog/technical/web-application-penetration-testing/playing-content-type-xxe-json-endpoints/
https://book.hacktricks.xyz/pentesting-web/xxe-xee-xml-external-entity
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XXE%20Injection