diff --git a/README.md b/README.md
index 2c47438cfc..e482c136e4 100644
--- a/README.md
+++ b/README.md
@@ -4,9 +4,13 @@
 
 `cnquery` is a cloud-native tool for querying your entire fleet. It answers thousands of questions about your infrastructure, and integrates with over 300 resources across cloud accounts, Kubernetes, containers, services, VMs, APIs, and more.
 
+![cnquery run example](docs/gif/cnquery-run.gif)
+
+Here are a few more examples:
+
 ```bash
 # run a query and print the output
-cnquery run local -c "packages.installed { name version }"
+cnquery run local -c "ports.listening { port process }"
 
 # execute a query pack on a Docker image and print results as json
 cnquery scan docker 14119a -f pack.mql.yaml -j
@@ -97,9 +101,11 @@ cnquery scan local --pack incident-response --query-id sth-01
 Custom query packs let you bundle queries to meet your specific needs. You can find a simple query pack example in `examples/simple.mql.yaml`. To run it:
 
 ```bash
-cnquery scan local -f examples/simple.mql.yaml
+cnquery scan local -f examples/example-os.mql.yaml
 ```
 
+![](docs/gif/cnquery-scan.gif)
+
 These files can also contain multiple query packs for many different target systems. For an example, see `examples/multi-target.mql.yaml`.
 
 ## Distributing cnqueries across your fleet
diff --git a/docs/gif/cnquery-run.gif b/docs/gif/cnquery-run.gif
new file mode 100755
index 0000000000..61adc0627f
Binary files /dev/null and b/docs/gif/cnquery-run.gif differ
diff --git a/docs/gif/cnquery-scan.gif b/docs/gif/cnquery-scan.gif
new file mode 100755
index 0000000000..d3df7a6626
Binary files /dev/null and b/docs/gif/cnquery-scan.gif differ
diff --git a/examples/example.unix.mql.yaml b/examples/example-os.mql.yaml
similarity index 78%
rename from examples/example.unix.mql.yaml
rename to examples/example-os.mql.yaml
index b053964b21..4e1edd6355 100644
--- a/examples/example.unix.mql.yaml
+++ b/examples/example-os.mql.yaml
@@ -8,13 +8,11 @@ packs:
   - title: Find all SSH packages that are installed
     query: |
       packages.
-        where(name == /ssh/).
-        list
+        where(name == /ssh/)
   - title: Get SSH services
     query: |
       services.
-        where(name == /ssh/).
-        list
+        where(name == /ssh/)
   - title: All the SSH config
     query: |
       sshd.config.params