diff --git a/docs/logos/cluster25.png b/docs/logos/cluster25.png
new file mode 100644
index 0000000..e201ca3
Binary files /dev/null and b/docs/logos/cluster25.png differ
diff --git a/documentation/logos/cluster25.png b/documentation/logos/cluster25.png
new file mode 100644
index 0000000..e201ca3
Binary files /dev/null and b/documentation/logos/cluster25.png differ
diff --git a/documentation/website/expansion/cluster25_expand.json b/documentation/website/expansion/cluster25_expand.json
new file mode 100644
index 0000000..d41c212
--- /dev/null
+++ b/documentation/website/expansion/cluster25_expand.json
@@ -0,0 +1,14 @@
+{
+    "description": "Module to query Cluster25 CTI.",
+    "logo": "cluster25.png",
+    "requirements": [
+        "A Cluster25 API access (API id & key)"
+    ],
+    "input": "An Indicator value of type included in the following list:\n- domain\n- email-src\n- email-dst\n- filename\n- md5\n- sha1\n- sha256\n- ip-src\n- ip-dst\n- url\n- vulnerability\n- btc\n- xmr\n ja3-fingerprint-md5",
+    "output": "A series of c25 MISP Objects with colletion of attributes mapped from Cluster25 CTI query result.",
+    "references": [
+        ""
+    ],
+    "features": "This module takes a MISP attribute value as input to query the Cluster25CTI API. The result is then mapped into compatible MISP Objects and relative attributes.\n"
+}
+