diff --git a/README.md b/README.md
index 8aed0b2..43db730 100644
--- a/README.md
+++ b/README.md
@@ -19,6 +19,7 @@ For more information: [Extending MISP with Python modules](https://www.misp-proj
* [apiosintDS](misp_modules/modules/expansion/apiosintds.py) - a hover and expansion module to query the OSINT.digitalside.it API.
* [AssemblyLine submit](misp_modules/modules/expansion/assemblyline_submit.py) - an expansion module to submit samples and urls to AssemblyLine.
+* [AssemblyLine query](misp_modules/modules/expansion/assemblyline_query.py) - an expansion module to query AssemblyLine and parse the full submission report.
* [Backscatter.io](misp_modules/modules/expansion/backscatter_io.py) - a hover and expansion module to expand an IP address with mass-scanning observations.
* [BGP Ranking](misp_modules/modules/expansion/bgpranking.py) - a hover and expansion module to expand an AS number with the ASN description, its history, and position in BGP Ranking.
* [BTC scam check](misp_modules/modules/expansion/btc_scam_check.py) - An expansion hover module to instantly check if a BTC address has been abused.
diff --git a/doc/README.md b/doc/README.md
index 6ab49ee..4d2ed90 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -22,13 +22,35 @@ On demand query API for OSINT.digitalside.it project.
-----
+#### [assemblyline_query](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/assemblyline_query.py)
+
+
+
+A module tu query the AssemblyLine API with a submission ID to get the submission report and parse it.
+- **features**:
+>The module requires the address of the AssemblyLine server you want to query as well as your credentials used for this instance. Credentials include the used-ID and an API key or the password associated to the user-ID.
+>
+>The submission ID extracted from the submission link is then used to query AssemblyLine and get the full submission report. This report is parsed to extract file objects and the associated IPs, domains or URLs the files are connecting to.
+>
+>Some more data may be parsed in the future.
+- **input**:
+>Link of an AssemblyLine submission report.
+- **output**:
+>MISP attributes & objects parsed from the AssemblyLine submission.
+- **references**:
+>https://www.cyber.cg.ca/en/assemblyline
+- **requirements**:
+>assemblyline_client: Python library to query the AssemblyLine rest API.
+
+-----
+
#### [assemblyline_submit](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/assemblyline_submit.py)
A module to submit samples and URLs to AssemblyLine for advanced analysis, and return the link of the submission.
- **features**:
->The module requires the address of the AssemblyLine server you want to query as well as your credentials in this instance. Credentials include the user-ID and an API key or the password associated to the user-ID.
+>The module requires the address of the AssemblyLine server you want to query as well as your credentials used for this instance. Credentials include the user-ID and an API key or the password associated to the user-ID.
>
>If the sample or url is correctly submitted, you get then the link of the submission.
- **input**:
diff --git a/doc/expansion/assemblyline_query.json b/doc/expansion/assemblyline_query.json
new file mode 100644
index 0000000..700bde0
--- /dev/null
+++ b/doc/expansion/assemblyline_query.json
@@ -0,0 +1,9 @@
+{
+ "description": "A module tu query the AssemblyLine API with a submission ID to get the submission report and parse it.",
+ "logo": "logos/assemblyline.png",
+ "requirements": ["assemblyline_client: Python library to query the AssemblyLine rest API."],
+ "input": "Link of an AssemblyLine submission report.",
+ "output": "MISP attributes & objects parsed from the AssemblyLine submission.",
+ "references": ["https://www.cyber.cg.ca/en/assemblyline"],
+ "features": "The module requires the address of the AssemblyLine server you want to query as well as your credentials used for this instance. Credentials include the used-ID and an API key or the password associated to the user-ID.\n\nThe submission ID extracted from the submission link is then used to query AssemblyLine and get the full submission report. This report is parsed to extract file objects and the associated IPs, domains or URLs the files are connecting to.\n\nSome more data may be parsed in the future."
+}
diff --git a/doc/expansion/assemblyline_submit.json b/doc/expansion/assemblyline_submit.json
index 7c90f34..9fe9af6 100644
--- a/doc/expansion/assemblyline_submit.json
+++ b/doc/expansion/assemblyline_submit.json
@@ -5,5 +5,5 @@
"input": "Sample, or url to submit to AssemblyLine.",
"output": "Link of the report generated in AssemblyLine.",
"references": ["https://www.cyber.gc.ca/en/assemblyline"],
- "features": "The module requires the address of the AssemblyLine server you want to query as well as your credentials in this instance. Credentials include the user-ID and an API key or the password associated to the user-ID.\n\nIf the sample or url is correctly submitted, you get then the link of the submission."
+ "features": "The module requires the address of the AssemblyLine server you want to query as well as your credentials used for this instance. Credentials include the user-ID and an API key or the password associated to the user-ID.\n\nIf the sample or url is correctly submitted, you get then the link of the submission."
}