What is the pricing for Zircolite?

Zircolite is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/wagga40/Zircolite/ for download and installation instructions.

What are alternatives to Zircolite?

Popular alternatives to Zircolite include: 1. Binwalk - Binwalk is a firmware analysis tool that enables reverse engineering and extraction of embedded file systems and archives from firmware images. (Free) 2. Zeek Analysis Tools (ZAT) - ZAT is a Python package that processes and analyzes Zeek network security data using machine learning libraries like Pandas, scikit-learn, Kafka, and Spark. (Free) 3. LastActivityView - A tool that collects and displays user activity and system events on a Windows system. (Free) 4. lw-yara - A Yara ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection. (Free) 5. ocaml-yara - An OCaml Ctypes wrapper for the YARA matching engine that enables malware identification capabilities in OCaml applications. (Free) Compare these tools and more at https://cybersectools.com/categories/security-operations

Who should use Zircolite?

Zircolite is for security teams and organizations that need Log Management, Security Tools. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations

What is the pricing for Zircolite?

Zircolite is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/wagga40/Zircolite/ for download and installation instructions.

What are alternatives to Zircolite?

Popular alternatives to Zircolite include: 1. Binwalk - Binwalk is a firmware analysis tool that enables reverse engineering and extraction of embedded file systems and archives from firmware images. (Free) 2. Zeek Analysis Tools (ZAT) - ZAT is a Python package that processes and analyzes Zeek network security data using machine learning libraries like Pandas, scikit-learn, Kafka, and Spark. (Free) 3. LastActivityView - A tool that collects and displays user activity and system events on a Windows system. (Free) 4. lw-yara - A Yara ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection. (Free) 5. ocaml-yara - An OCaml Ctypes wrapper for the YARA matching engine that enables malware identification capabilities in OCaml applications. (Free) Compare these tools and more at https://cybersectools.com/categories/security-operations

Who should use Zircolite?

Zircolite is for security teams and organizations that need Log Management, Security Tools. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations

Zircolite

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.

742

Security Operations Open Source

Log Management Security Tools

Visit website

Compare

Zircolite

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.

Security Operations•Digital Forensics and Incident Response

Open Source

Log Management Security Tools

742stars

GitHub Stars

06 Apr

Last commit

Visit Website

Updated 14 Mar 26

Compare

Explore Security Operations 24 Alternatives Compare Stacks Market Map Explore All Tools

MCPThe entire cybersecurity market, one prompt awayTry MCP Access

Zircolite Description

Zircolite is a standalone tool written in Python 3 that allows the use of SIGMA rules on various log formats including MS Windows EVTX, Auditd, Sysmon for Linux, EVTXtract, CSV, and XML. It is relatively fast, based on a Sigma backend (SQLite), and can export results to multiple formats like JSON, CSV, Splunk, Elastic, Zinc, and Timesketch. Zircolite can be used directly in Python or through provided binaries.

Zircolite Description

Zircolite FAQ

Common questions about Zircolite including features, pricing, alternatives, and user reviews.

Zircolite is Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.. It is a Security Operations solution designed to help security teams with Log Management, Security Tools.

Have more questions? Browse our categories or search for specific tools.