 #31527  by Krzysiek
 Mon Apr 30, 2018 5:49 pm

I'm considering developing a (Windows 10) application with the following goals:

1) list all processes (something similar to Windows Task Manager)
2) count (and display) how many packets a particular process sends/receives.

Because I'm a beginner in this field, please indicate which libraries are best suited for the above tasks.
 #31529  by Vrtule
 Tue May 01, 2018 1:32 pm
Ad 1)
Tool Help library for example (CreateToolhelp32Snapshot, Process32First, Process32Next).

Ad 2)
PDH can be used to collect such information, although I doubt there is a per-process packet count counter. Alternatively, WMI may be the right choice (but I have never worked with it seriously).
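
The Tool Help enumeration named in the reply above (CreateToolhelp32Snapshot, Process32First, Process32Next), as an added example that is not part of the thread. The names `proc_t`, `list_processes` and `count_orphans` are hypothetical, and the non-Windows branch uses a constructed sample so the parent check can be exercised anywhere.

```c
/* Added example, not from the thread. Build without UNICODE so szExeFile is char. */
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#include <tlhelp32.h>
#endif
typedef struct { unsigned long pid, ppid, threads; char name[260]; } proc_t;

/* Fill out[] with up to max processes; returns the count, or -1 on failure. */
int list_processes(proc_t *out, int max) {
    int n = 0;
#ifdef _WIN32
    PROCESSENTRY32 pe;
    HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snap == INVALID_HANDLE_VALUE) return -1;
    pe.dwSize = sizeof(pe);          /* required before Process32First */
    if (max > 0 && Process32First(snap, &pe)) {
        do {
            out[n].pid = pe.th32ProcessID; out[n].ppid = pe.th32ParentProcessID;
            out[n].threads = pe.cntThreads;
            strncpy(out[n].name, pe.szExeFile, sizeof out[n].name - 1);
            out[n].name[sizeof out[n].name - 1] = '\0';
            n++;
        } while (n < max && Process32Next(snap, &pe));
    }
    CloseHandle(snap);
#else   /* constructed sample, used only when not building for Windows */
    static const proc_t sample[] = { {0, 0, 2, "[System Process]"},
        {4, 0, 120, "System"}, {612, 4, 2, "smss.exe"}, {4312, 9000, 8, "notepad.exe"} };
    for (; n < max && n < (int)(sizeof sample / sizeof sample[0]); n++) out[n] = sample[n];
#endif
    return n;
}
/* Count entries whose recorded parent PID is absent from the snapshot: the
   creator has exited, so th32ParentProcessID alone does not prove lineage. */
int count_orphans(const proc_t *p, int n) {
    int i, j, orphans = 0;
    for (i = 0; i < n; i++) {
        for (j = 0; j < n && p[j].pid != p[i].ppid; j++) { }
        if (j == n) orphans++;
    }
    return orphans;
}
int main(void) {
    static proc_t procs[4096];
    int n = list_processes(procs, 4096);
    printf("%d processes, %d with no live parent\n", n, n < 0 ? 0 : count_orphans(procs, n));
    return n < 0;
}
```

Because PIDs are reused, a parent PID that is present in the snapshot may also belong to a different, later process than the original creator.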