C++ 获取 Windows 10 资源监视器中网络活动的进程流量
要获取 Windows 10 下资源监视器中网络活动的进程网络发送与接收流量,可以使用 Windows API 来实现。以下是一个示例代码:
#include <iostream>
#include <Windows.h>
#include <Psapi.h>
int main()
{
// 获取所有进程的 ID
DWORD processes[1024], cbNeeded, cProcesses;
if (!EnumProcesses(processes, sizeof(processes), &cbNeeded))
{
std::cout << 'Failed to enumerate processes.' << std::endl;
return 1;
}
// 计算进程数量
cProcesses = cbNeeded / sizeof(DWORD);
// 遍历每个进程
for (DWORD i = 0; i < cProcesses; i++)
{
// 打开进程
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, processes[i]);
if (hProcess != NULL)
{
// 获取进程名字
char szProcessName[MAX_PATH];
if (GetModuleBaseNameA(hProcess, NULL, szProcessName, sizeof(szProcessName)) != 0)
{
// 获取进程的网络信息
MIB_TCPROW_OWNER_PID tcpRow;
tcpRow.dwOwningPid = processes[i];
if (GetExtendedTcpTable(&tcpRow, sizeof(tcpRow), TRUE, AF_INET, TCP_TABLE_OWNER_PID_ALL, 0) == NO_ERROR)
{
// 输出进程名字和发送/接收流量
std::cout << 'Process Name: ' << szProcessName << std::endl;
std::cout << 'Sent Bytes: ' << tcpRow.dwBytesSent << std::endl;
std::cout << 'Received Bytes: ' << tcpRow.dwBytesReceived << std::endl;
std::cout << std::endl;
}
}
// 关闭进程句柄
CloseHandle(hProcess);
}
}
return 0;
}
请注意,此代码需要链接Iphlpapi.lib库。
原文地址: https://www.cveoy.top/t/topic/fQ7L 著作权归作者所有。请勿转载和采集!