-
Notifications
You must be signed in to change notification settings - Fork 14
Snippets
Some snippets have been included for basic YARA rule patterns, such as any/all of them, for..of, and common binary file headers.
Additionally, each section in a rule (meta, strings, condition) has a toggle-able snippet that can be controlled by the YARA configuration built in to VSCode. If my section snippets interfere with existing ones you've set up, just turn them off!
Lastly, the built-in meta snippet has its own configuration entry, so you can pre-generate your metadata for every rule. It supports snippet variables, such as ${CURRENT_DATE} or ${TM_FILENAME} as well. For example, setting the yara.metaEntries configuration to the following will auto-fill the date, and a tabstop will be placed in the hash field for you to fill in immediately:
{
"date": "${CURRENT_YEAR}-${CURRENT_MONTH}-${CURRENT_DATE}",
"hash": ""
}
Wanting to add your own snippet or curious what snippet variables exist? Take a look at https://code.visualstudio.com/docs/editor/userdefinedsnippets#_create-your-own-snippets