This documentation explains how to build Keystone on Windows.

For *nix OS, see [COMPILE-NIX.md](COMPILE-NIX.md)

1. Dependency

CMake is required as dependency.

Download & install cmake from http://www.cmake.org

Microsoft Visual Studio 2013 or older is required for compiling.

Download & install it from https://www.visualstudio.com

Python is another dependency. Download & install it from

https://www.python.org

2. Open the Visual Studio Command Promplt, and from the root directory

of Keystone source, do:

$ mkdir build

$ cd build

To build DLL file, run:

$ ..\nmake-dll.bat

By default, this builds all architectures, which is: AArch64, ARM, Hexagon,

Mips, PowerPC, Sparc, SystemZ & X86. To compile just some selected ones,

pass a semicolon-separated list of targets to LLVM_TARGETS_TO_BUILD,

like follows if we only want AArch64 & X86.

$ cmake -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=ON -DLLVM_TARGETS_TO_BUILD="AArch64, X86" -G "NMake Makefiles" ..

$ nmake

To build LIB file, run:

$ ..\nmake-lib.bat

Like above, this builds all architectures. To compile just some selected ones,

pass a semicolon-separated list of targets to LLVM_TARGETS_TO_BUILD,

like follows if we only want AArch64 & X86.

$ cmake -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=OFF -DLLVM_TARGETS_TO_BUILD="AArch64, X86" -G "NMake Makefiles" ..

$ nmake

Find the generated libraries in build\llvm\lib\keystone.{dll,lib}

In the case you build LIB file, a tool named "kstool.exe" is also

compiled & available under directory "build\kstool".

(Find source of "kstool" in directory "kstool/kstool")

3. Test Keystone with "kstool" like below.

$ kstool.exe x32 "add eax, ebx"

Run "kstool.exe" without any option to find out how to use this handy tool.

4. Learn more on how to code your own tools with our samples.

For C sample code, see code in directory samples/

For Python sample code, see code in directory bindings/python/

To compile Keystone on Mac OS X, Linux, BSD, Solaris and all kind of nix OS,

see [COMPILE-NIX.md](COMPILE-NIX.md)

To compile Keystone on Windows, see [COMPILE-WINDOWS.md](COMPILE-WINDOWS.md)

Learn more on how to code your own tools with our samples.

- For C sample code, see code in directory samples/

- For Python sample code, see code in directory bindings/python/

Documention of Keystone assembler engine.

* How to compile & install Keystone from source.

COMPILE.md

* How to compile & install Keystone from packages.

http://keystone-engine.org/docs/

* Tutorial on programming with C & Python languages.

http://keystone-engine.org/docs/tutorial.html

* Compare Keystone & LLVM.

http://keystone-engine.org/docs/beyond_qemu.html

Keystone engine is based on the [MC component](http://blog.llvm.org/2010/04/intro-to-llvm-mc-project.html) of the LLVM compiler infrastructure, which among many stuffs has an assembler engine inside. LLVM even has a tool named *llvm-mc* that can be used to compile input string of assembly instructions.

While Keystone reuses a part of LLVM as its core (with quite a few of changes to adapt to our design), there is a major difference between them. Notably, Keystone can do whatever LLVM does in term of assembling, but beyond that our engine can do more & do better in some aspects.

The section below highlights the areas where Keystone shines.

- **Framework**: *llvm-mc* is a tool, but not a framework. Therefore, it is very tricky to build your own assembler tools on of LLVM, while this is the main purpose of Keystone. Keystone's API makes it easy to handle errors, report internal status of its core or change compilation mode at runtime, etc.

- **Lightweight**: Keystone is much more lightweight than LLVM because we stripped all the subsystems that do not involve in assembler. As a result, Keystone is more than 10 times smaller in size and in memory consumption. Initial verson of Keystone takes only 30 seconds to compile on a laptop, while LLVM needs 15 minutes to build.

- **Flexibility**: LLVM's assembler is much more restricted. For example, it only accepts assembly in LLVM syntax. On the contrary, Keystone is going to support all kind of input, ranging from Nasm, Masm, etc.

- **Capability**: LLVM is for compiling & linking, so (understandably) some of its technical choices are not inline with an independent assembler like Keystone. For example, LLVM always put code and data in separate sections. However, it is very common for assembly to mix code and data in the same section (think about shellcode). Keystone is made to handle this kind of input very well.

- **Binding**: As a framework, Keystone supports multiple bindings on top of the core, starting with Python (more bindings will be added later). This makes it easy to be adopted by developers.

With all that said, LLVM is an awesome project, which Keystone was born from. However, Keystone is not just LLVM, but offering more because it has been designed & implemented to be an independent framework.

cmake_minimum_required(VERSION 2.8)

project(sample)

include_directories("../../include")

add_executable(sample sample.c)

target_link_libraries(sample keystone)

.PHONY: all clean

KEYSTONE_LDFLAGS = -lkeystone -lstdc++ -lm

all:

${CC} -o sample sample.c ${KEYSTONE_LDFLAGS}

clean:

rm -rf *.o sample