Skip to content
/ Process-Hunter Public

A C program that retrieves detailed information about a running process in the operating system using the Process ID (PID)

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0xAminED/Process-Hunter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
Process_Hunter.c
Process_Hunter.c
 
 
README.md
README.md
 
 

Repository files navigation

Process-Hunter

A C program that retrieves detailed information about a running process in the operating system using the Process ID (PID). This program utilizes the Linux /proc filesystem to extract useful details such as process name, command-line arguments, state, parent process ID, memory usage, and executable path.

Features

  • Process Name: Fetches the name of the process.
  • Command-line Arguments: Retrieves the command-line arguments used to launch the process.
  • Process State: Displays the current state of the process (e.g., running, sleeping).
  • Parent Process ID (PPID): Fetches the parent process ID.
  • Memory Usage: Displays the virtual memory size of the process.
  • Number of Threads: Shows the number of threads used by the process.
  • Executable Path: Gets the path to the executable of the running process.
  • Error Handling: Gracefully handles errors such as invalid PID or file access issues.

Requirements

  • C Compiler: gcc or compatible C compiler.
  • Linux Operating System: This program is designed to work on Linux-based systems as it uses the /proc filesystem.

Installation

To build and run the project on a Linux-based system:

  1. Clone the repository:
git clone https://github.com/0xAminED/Process-Hunter.git
cd Process-Hunter
  1. Compile the code:
gcc -o Process_Hunter Process_Hunter.c
  1. Run the process scanner:
./Process_Hunter

Usage

The program requires the Process ID (PID) of the process whose details you want to retrieve.

Example

Enter Process ID (PID): 1234
Fetching information for PID: 1234
Process Name: bash
Command-line: /bin/bash -c sleep 100
=== Status ===
State: S (sleeping)
PPid: 1000
Threads: 1
VmSize: 12456 kB
Executable Path: /usr/bin/bash

Explanation of Output

  • Process Name: Displays the name of the process.
  • Command-line: Shows the full command line used to start the process.
  • State: The current state of the process (e.g., sleeping, running).
  • Parent Process ID (PPid): The PID of the parent process that spawned the current process.
  • Threads: Displays The number of threads associated with the process.
  • VmSize: The virtual memory size allocated to the process.
  • Executable Path: The full path to the executable file running the process.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgments

  • Thanks to the contributors for their valuable feedback and improvements.

About

A C program that retrieves detailed information about a running process in the operating system using the Process ID (PID)

Topics

c forensics process-monitor malware-analysis

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages