EvilLimiter Server
FreeNot checkedEnables AI assistants to control network bandwidth, monitor traffic, and manage device connections via EvilLimiter for authorized network testing and debugging.
About
Enables AI assistants to control network bandwidth, monitor traffic, and manage device connections via EvilLimiter for authorized network testing and debugging.
README
A Model Context Protocol (MCP) server that provides controlled access to EvilLimiter network bandwidth management and monitoring capabilities.
IMPORTANT LEGAL NOTICE
This tool performs ARP spoofing and traffic manipulation. It must ONLY be used on:
- Networks you own
- Networks where you have explicit written permission to perform testing
- Isolated lab environments for educational purposes
Unauthorized use may violate computer fraud laws, network policies, and regulations. You are solely responsible for ensuring legal compliance.
Purpose
This MCP server provides a secure API interface for AI assistants to control network bandwidth, monitor traffic, and manage device connections using EvilLimiter. Designed for authorized network testing, debugging, and educational purposes only.
Features
Current Implementation
scan_network- Scan for online hosts with optional IP range specificationlist_hosts- Display all discovered hosts with IDs and network informationlimit_bandwidth- Throttle bandwidth for specific hosts (upload/download/both)block_host- Block internet access for specific hostsfree_host- Remove all restrictions from hostsadd_host- Manually add hosts to the management listmonitor_bandwidth- Real-time bandwidth usage monitoringanalyze_traffic- Analyze traffic patterns without limitingwatch_status- View watchlist for reconnection detectionwatch_add- Add hosts to reconnection watchlistwatch_remove- Remove hosts from watchlistwatch_configure- Configure watch settings (range, interval)flush_configuration- Reset all network configurations
Prerequisites
- Docker Desktop with MCP Toolkit enabled
- Docker MCP CLI plugin (
docker mcpcommand) - Linux host (EvilLimiter requires Linux)
- Network interface access (container needs NET_ADMIN and NET_RAW capabilities)
Installation
1. Build Docker Image
docker build -t evillimiter-mcp-server .
2. Create Custom Catalog
Create ~/.docker/mcp/catalogs/custom.yaml:
version: 2
name: custom
displayName: Custom MCP Servers
registry:
evillimiter:
description: "Network bandwidth control and monitoring via EvilLimiter"
title: "EvilLimiter"
type: server
dateAdded: "2025-01-29T00:00:00Z"
image: evillimiter-mcp-server:latest
ref: ""
tools:
- name: scan_network
- name: list_hosts
- name: limit_bandwidth
- name: block_host
- name: free_host
- name: add_host
- name: monitor_bandwidth
- name: analyze_traffic
- name: watch_status
- name: watch_add
- name: watch_remove
- name: watch_configure
- name: flush_configuration
metadata:
category: monitoring
tags:
- network
- bandwidth
- monitoring
- security
license: MIT
owner: local
containerConfig:
capAdd:
- NET_ADMIN
- NET_RAW
network: host
3. Update Registry
Edit ~/.docker/mcp/registry.yaml and add under registry::
evillimiter:
ref: ""
4. Configure Claude Desktop
Add "--catalog=/mcp/catalogs/custom.yaml" to your Claude Desktop config args.
5. Restart Claude Desktop
Container Privileges
This container requires elevated network privileges to function:
docker run --cap-add=NET_ADMIN --cap-add=NET_RAW --network=host evillimiter-mcp-server
Or use --privileged flag (less secure but simpler).
Usage Examples
In Claude Desktop, you can ask:
- "Scan the network for all devices"
- "List all connected hosts on the network"
- "Limit device ID 3 to 100kbit bandwidth"
- "Block internet access for device IDs 2 and 4"
- "Monitor current bandwidth usage of limited devices"
- "Analyze traffic for device ID 5 for 60 seconds"
- "Add device 192.168.1.100 to the watchlist"
- "Free all restrictions from device ID 6"
- "Show the current watch status"
- "Flush all network configurations"
Environment Variables
EVILLIMITER_INTERFACE- Network interface to use (auto-detected if not set)EVILLIMITER_GATEWAY_IP- Gateway IP address (auto-detected if not set)EVILLIMITER_GATEWAY_MAC- Gateway MAC address (auto-detected if not set)EVILLIMITER_NETMASK- Network mask (auto-detected if not set)EVILLIMITER_SAFETY_MODE- Enable safety checks (default: true)EVILLIMITER_ALLOWED_RANGES- Comma-separated IP ranges to allow (if safety mode on)EVILLIMITER_API_TOKEN- API token for authentication (optional)
Architecture
Claude Desktop → MCP Gateway → EvilLimiter MCP Server → EvilLimiter CLI
↓
Network Interface (ARP/iptables/tc)
↓
Docker Secrets (optional)
Development
Local Testing
# Set environment variables for testing
export EVILLIMITER_INTERFACE="eth0"
export EVILLIMITER_SAFETY_MODE="true"
export EVILLIMITER_ALLOWED_RANGES="192.168.1.0/24"
# Run directly (requires root/sudo)
sudo python evillimiter_server.py
# Test MCP protocol
echo '{"jsonrpc":"2.0","method":"tools/list","id":1}' | sudo python evillimiter_server.py
Adding New Tools
- Add the function to evillimiter_server.py
- Decorate with @mcp.tool()
- Update the catalog entry with the new tool name
- Rebuild the Docker image
Troubleshooting
Tools Not Appearing
- Verify Docker image built successfully
- Check catalog and registry files syntax
- Ensure Claude Desktop config includes custom catalog
- Restart Claude Desktop completely
Permission Errors
- Ensure container runs with proper capabilities
- Check if running with --network=host
- Verify iptables/tc access
Network Detection Issues
- Manually specify interface with EVILLIMITER_INTERFACE
- Set gateway IP/MAC if auto-detection fails
- Check container network mode
Security Considerations
- Container requires elevated privileges (NET_ADMIN, NET_RAW)
- ARP spoofing affects entire network segment
- All actions are logged to stderr
- Safety mode restricts target IP ranges
- API token authentication available
- Input sanitization prevents command injection
- Never expose this service to the internet
Limitations
- IPv4 only (ARP spoofing requires IPv4)
- Linux host required
- Affects all devices on local network segment
- Cannot bypass HTTPS certificate pinning
- Detection possible via ARP monitoring tools
License
MIT License - Use at your own risk and responsibility
Installing EvilLimiter Server
This server has no published package — it is built from source. Open the repository and follow its README.
▸ github.com/i3T4AN/evillimiter-mcp-serverFAQ
Is EvilLimiter Server MCP free?
Yes, EvilLimiter Server MCP is free — one-click install via Unyly at no cost.
Does EvilLimiter Server need an API key?
No, EvilLimiter Server runs without API keys or environment variables.
Is EvilLimiter Server hosted or self-hosted?
Self-hosted: the server runs locally on your machine via the install command above.
How do I install EvilLimiter Server in Claude Desktop, Claude Code or Cursor?
Open EvilLimiter Server on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
by modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
by xuzexin-hzCompare EvilLimiter Server with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All ai MCPs
