Update expansion.md

Add: virustotal upload 
malshare upload
triage submit

documentation/mkdocs/expansion.md

@@ -1561,6 +1561,29 @@ Module to access Macvendors API.
 
 -----
 
+#### [Malshare Upload](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/malshare_upload.py)
+
+Module to push malware samples to MalShare.com
+[[source code](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/malshare_upload.py)]
+
+- **features**:
+>The module requires a MalShare API key to upload files,  and returns the link of the MalShare analysis.
+
+- **config**:
+>api_key
+
+- **input**:
+>Attachment or malware sample
+
+- **output**:
+>Link attribute that points to the sample at the MalShare analysis instance.
+
+- **references**:
+> - https://malshare.com/
+> - https://malshare.com/doc.php
+
+-----
+
 #### [Malware Bazaar Lookup](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/malwarebazaar.py)
 
 Query Malware Bazaar to get additional information about the input hash.
@@ -2454,6 +2477,42 @@ Module to get information from ThreatMiner.
 - **references**:
 >https://www.threatminer.org/
 
+
+
+-----
+
+#### [Triage Submit](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/triage_submit.py)
+
+Module to submit samples to tria.ge
+[[source code](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/triage_submit.py)]
+
+- **features**:
+> Upload files, and returns the link of the uploaded analysis.
+>
+>The module can submit URLs to retrieve and analyze them directly in the browser or fetch and execute files in the sandbox.
+
+
+- **config**:
+>apikey
+>
+>url_mode ( 'submit' or 'fetch' ) 
+
+- **input**:
+>A MISP attribute included in the following list:
+>- Attachment
+>- malware-sample
+>- url
+
+- **output**:
+>Link attribute that points to the sample at the Triage analysis instance.
+
+- **references**:
+> - https://tria.ge/
+> - https://tria.ge/docs/cloud-api/submit/
+
+- **requirements**:
+>An access to the Triage API (apikey)
+
 -----
 
 #### [TruSTAR Enrich](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/trustar_enrich.py)
@@ -2653,6 +2712,35 @@ Enrich observables with the VirusTotal v3 public API
 - **requirements**:
 >An access to the VirusTotal API (apikey)
 
+
+-----
+
+#### [VirusTotal Upload](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal_upload.py)
+
+<img src=../logos/virustotal.png height=60>
+
+Module to push malware samples to VirusTotal v3 public API
+[[source code](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/virustotal_upload.py)]
+
+- **features**:
+>The module requires a VirusTotal API key to Upload files, and returns the link of the uploaded analysis.
+
+- **config**:
+> - apikey
+
+- **input**:
+>Attachment or malware sample
+
+- **output**:
+>Link attribute that points to the sample at the VirusTotal analysis instance.
+
+- **references**:
+> - https://www.virustotal.com
+> - https://docs.virustotal.com/reference/overview
+
+- **requirements**:
+>An access to the VirusTotal API (apikey)
+
 -----
 
 #### [VMRay Submit](https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/expansion/vmray_submit.py)