From be2786990346f8f5b12812cc0572bf51ba291f7c Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Wed, 8 Apr 2020 11:46:59 +0200 Subject: [PATCH] fix: [doc] corrected filenames for 2 docs --- doc/README.md | 34 +++++++++++++++++++ .../{censys_enrich.py => censys_enrich.json} | 0 .../{cytomic_orion.py => cytomic_orion.json} | 0 3 files changed, 34 insertions(+) rename doc/expansion/{censys_enrich.py => censys_enrich.json} (100%) rename doc/expansion/{cytomic_orion.py => cytomic_orion.json} (100%) diff --git a/doc/README.md b/doc/README.md index 7e6bee3..37cb2c9 100644 --- a/doc/README.md +++ b/doc/README.md @@ -152,6 +152,22 @@ An expansion hover module to get a blockchain balance from a BTC address in MISP ----- +#### [censys_enrich](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/censys_enrich.py) + +An expansion module to enrich attributes in MISP by quering the censys.io API +- **features**: +>This module takes an IP, hostname or a certificate fingerprint and attempts to enrich it by querying the Censys API. +- **input**: +>IP, domain or certificate fingerprint (md5, sha1 or sha256) +- **output**: +>MISP objects retrieved from censys, including open ports, ASN, Location of the IP, x509 details +- **references**: +>https://www.censys.io +- **requirements**: +>API credentials to censys.io + +----- + #### [circl_passivedns](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/circl_passivedns.py) 
@@ -295,6 +311,24 @@ An expansion hover module to expand information about CVE id. ----- +#### [cytomic_orion](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/cytomic_orion.py) + + + +An expansion module to enrich attributes in MISP by quering the Cytomic Orion API +- **features**: +>This module takes an MD5 hash and searches for occurrences of this hash in the Cytomic Orion database. Returns observed files and machines. +- **input**: +>MD5, hash of the sample / malware to search for. +- **output**: +>MISP objects with sightings of the hash in Cytomic Orion. Includes files and machines. +- **references**: +>https://www.vanimpe.eu/2020/03/10/integrating-misp-and-cytomic-orion/, https://www.cytomicmodel.com/solutions/ +- **requirements**: +>Access (license) to Cytomic Orion + +----- + #### [dbl_spamhaus](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/dbl_spamhaus.py) diff --git a/doc/expansion/censys_enrich.py b/doc/expansion/censys_enrich.json similarity index 100% rename from doc/expansion/censys_enrich.py rename to doc/expansion/censys_enrich.json diff --git a/doc/expansion/cytomic_orion.py b/doc/expansion/cytomic_orion.json similarity index 100% rename from doc/expansion/cytomic_orion.py rename to doc/expansion/cytomic_orion.json
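Review bot: In the censys_enrich entry added to doc/README.md (hunk at -152,6 +152,22), the description line has a typo, "quering" should be "querying", and the **features** and **input** texts disagree on the accepted type: features says "IP, hostname or a certificate fingerprint" while input says "IP, domain or certificate fingerprint (md5, sha1 or sha256)". Please settle on one term so users know which attribute types are actually sent to the Censys API. Since this commit also renames doc/expansion/censys_enrich.py to censys_enrich.json at 100% similarity, the wording fix likely belongs in that JSON file as well as in the README, so the two do not drift apart.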
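Review bot: In the cytomic_orion entry added to doc/README.md (hunk at -295,6 +311,24), the heading is followed by three extra empty added lines before the description, where the censys_enrich entry in the same patch has a single blank line; please drop the extras so the entries render consistently. The description repeats the "quering" typo (should be "querying"), and the **input** text "MD5, hash of the sample / malware to search for." reads as if the comma were stray; "MD5 hash of the sample / malware to search for" would be clearer. The **output** line says the results include machines, so it would help to state in **requirements** or **features** that the lookup runs against the licensee's own Cytomic Orion data, as the reader cannot tell from these lines whose machines are returned.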