From 57a9ada5bfaedfc40de012bf681b6a77485cdd09 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Sun, 20 Mar 2016 19:54:32 +0100
Subject: [PATCH] types are now described

---
 README.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/README.md b/README.md
index 9493fdc..a3f5b39 100644
--- a/README.md
+++ b/README.md
@@ -9,6 +9,7 @@ MISP modules support is included in MISP starting from version 2.4.X.
 
 ## Existing MISP modules
 
+* [CVE](modules/expansion/cve.py) - a hover module to give more information about a vulnerability (CVE).
 * [DNS](modules/expansion/dns.py) - a simple module to resolve MISP attributes like hostname and domain to expand IP addresses attributes.
 * [passivetotal](modules/expansion/passivetotal.py) - a [passivetotal](https://www.passivetotal.org/) module to query the passivetotal passive DNS interface.
 * [sourcecache](modules/expansion/sourcecache.py) - a module to cache a specific link from a MISP instance.
@@ -32,9 +33,23 @@ If your module requires additional configuration (to be exposed via the MISP use
         "username",
         "password"
       ],
+      "module-type": [
+        "expansion",
+        "hover"
+      ],
+
 ...
 ~~~
 
+### Module type
+
+A MISP module can be of two types:
+
+- **expansion** - service related to an attribute that can be used to extend and update an existing event.
+- **hover** - service related to an attribute to provide additional information to the users without updating the event.
+
+module-type is an array where the list of supported types can be added.
+
 ## Testing your modules?
 
 MISP uses the **modules** function to discover the available MISP modules and their supported MISP attributes: