A somewhat curated list of links to various topics in application security.
Exploiting The Entity: XME (XML External Entity Injection)
Spilling Local Files via XXE When HTTP OOB Fails
XXE: How to become a Jedi
XML external entity (XXE) injection
XXE at Bol.com
Advice From A Researcher: Hunting XXE For Fun and Profit
XXE - XML External Entity Attack
XXE - Things Are Getting Out of Band
swisskyrepo/PayloadsAllTheThings
XXE ALL THE THINGS!!! (including Apple iOS's Office Viewer)_HackDig
Automated Data Exfiltration with XXE
Identifying Xml eXternal Entity vulnerability (XXE)
Blog
XXEGen
https://github.com/BuffaloWill/oxml_xxe
Automated Data Exfiltration with XXE
