Skip to content

KevinCrrl/evillimiter-ng

BranchesTags

Repository files navigation

Evil Limiter Next Generation

License Badge Compatibility Maintenance Open Source Love

A tool to monitor, analyze and limit the bandwidth (upload/download) of devices on your local network without physical or administrative access.

evillimiter-ng employs ARP spoofing and traffic shaping to throttle the bandwidth of hosts on the network.

Requirements

  • Linux distribution
  • Python 3 or greater

Possibly missing python packages will be installed during the installation process.

Installation

git clone https://github.com/KevinCrrl/evillimiter-ng.git
cd evillimiter-ng

# Arch-based systems (or using the AUR: https://aur.archlinux.org/packages/evillimiter-ng)
cd pkgbuild
makepkg -si

# Other GNU/Linux distros using a virtual env
python -m build
python -m installer dist/*.whl

# or

pip install .

Quick Start Example

After installation, you can start using the tool with the following basic workflow.

  1. Start the program and specify your network interface:
evillimiter-ng -i wlan0
  1. Scan the network for connected hosts:
scan
  1. Limit bandwidth of a device (example: device ID 3 to 200kbit):
limit 3 200kbit

Example of a single-use command in the shell

# Scan the network, list hosts, block everyone for 20 seconds, and then restore connection.
echo "scan && hosts && block all && sleep 20 && free all && exit" | evillimiter-ng

Command-Line Arguments

Argument Explanation
-h Displays help message listing all command-line arguments
-i [Interface Name] Specifies network interface (resolved if not specified)
-g [Gateway IP Address] Specifies gateway IP address (resolved if not specified)
-m [Gateway MAC Address] Specifies gateway MAC address (resolved if not specified)
-n [Netmask Address] Specifies netmask (resolved if not specified)
-f Flushes current iptables and tc configuration. Ensures that packets are dealt with correctly.

evillimiter-ng Commands

Command Explanation
scan (--range [IP Range]) (--intensity [(1,2,3)]) Scans your network for online hosts. One of the first things to do after start.
--range lets you specify a custom IP range.
--intensity lets you specify the scan intensity / speed (1 = quick, 2 = normal (standard), 3 = intense).
Example: scan --range 192.168.178.1-192.168.178.40 --intensity 1 or just scan.
hosts Displays all scanned hosts and basic information.
limit [ID1,ID2,...] [Rate] (--upload) (--download) Limits bandwidth of host(s) associated with specified ID.
block [ID1,ID2,...] (--upload) (--download) Blocks internet connection of host(s).
free [ID1,ID2,...] Removes bandwidth restrictions.
add [IP] (--mac [MAC]) Adds custom host manually.
monitor [ID1,ID2,...] (--interval [time in ms]) Monitor bandwidth usage of host(s).
analyze [ID1,ID2,...] (--duration [time in s]) Analyze traffic usage.
watch Shows current watch status.
watch add [ID1,ID2,...] Adds host(s) to watchlist.
watch remove [ID1,ID2,...] Removes host(s) from watchlist.
watch set [Attribute] [Value] Changes watch settings.
clear Clears terminal window.
quit Quits the application.
sleep Waits for seconds.
?, help Displays command help.

Restrictions

  • Limits IPv4 connections only, since ARP spoofing requires ARP packets which exist only in IPv4 networks.

Legal Disclaimer

Please read the full legal disclaimer here:

LEGAL.md

License

Copyright (c) 2026 by KevinCrrl.

Licensed under the GPLv2 License.

For a detailed list of original authors, dependencies, and their respective licenses, see the CREDITS file.

About

EvilLimiter Next Generation by KevinCrrl

kevincrrl.github.io/evillimiter-ng/

Topics

python linux security archlinux network hacking nextgeneration

Resources

Readme

License

GPL-2.0 license

Contributing

Contributing
Activity

Stars

1 star

Watchers

1 watching

Forks

4 forks
Report repository

Releases 2

2.2.0 Latest
Apr 5, 2026
+ 1 release

Packages

 
 
 

Contributors

Languages