Shortcuts
General
Usable Security/HCI in General: NIST Visualization and Usability Group (NIST Usability and Security,
,
Industry Usability Reporting/Standards,
)
BCS Usability News
Richard Conlan's Blog on Usable Security
HCISec Bibliography
Soups-announce -- Announcements related to the Symposium On Usable Privacy and Security (SOUPS)
HCI Bibliography
(Usability Body of Knowledge;
;
)
Human-Computer Interaction Resource Network
Human-Centered Computing Education Digital Library
eyemovementresearch.comHuman Cognitive Architectures and Models: ACT-R (ACT-R users primary mailing list) jACT-R CCMSuite (Python ACT-R)
(Documentation Wiki)
SANLab-CM
(Old Project Page)
AutoCWW2Eye-Tracking:
User Authentication and Identity Management
General:
W3C CCG (Credentials Community Group)
(@W3C)
W3C WebID
(
)
Risk-based Authentication @ Ruhr University Bochum
National Strategy for Trusted Identities in Cyberspace (NSTIC)
Deidentification@NIST.GOVPassword Checkers, Meters, Crackers and Analyzers: PasswordResearch.com Research Papers on Password-based Cryptography Xato - Passwords & Security
(Pwned Passwords,
API)
COMB @ GitHub
weakpass.com
(Passwords)
Yahoo Password Frequency Corpus
PARS (Password Analysis and Research System)
Password Hashing Competition
Password Multi-Checker Tool @ Concordia
zxcvbn (Dropbox's Password Meter)
CMU-CUPS-CHI2017 data-driven password meter
(@github)
passwdqc
Google Password Strength API
The Password Meter
password-checker.online-domain-tools.com
(password-generator.online-domain-tools.com)
howsecureismypassword.net
Oracle Password Checker
Javascript Password Strength Meter
Password Checker @ My1Login
Kaspersky Password Checker
Password Checker @ online-domain-tools.com
Password strength checker @ ProPrivacy
HashView
Hashcat GUI
THC-Hydra
OMEN (Ordered Markov ENumerator)
RainbowCrack
Cain & Abel
Medusa Parallel Network Login Auditor
fgdump
Phraser
thepasswordproject.com
The Sprawl
(PACK - Password Analysis and Cracking Toolkit, automatic password rule analysis and generation)
AccessData Password Recovery Toolkit® (PRTK®)
Pipal (Password Analyser)
(@Github)
Passpal
Cain and AbelPassword Cracking Corpra: Mark Kantrowitz's Name Corpus Oxford Reference "Name Studies" dictionaries Lists of most common surnames @ Wikipedia
Chinese-Names-Corpus @ GitHub
family_name_handle @ GitHub
汉姓罗马字标注 @ Wikipedia
中国姓氏排名 @ Wikipedia
Password Management and Generation:
Clipperz
(@Github)
Passphrase Generator @ passphrases.peerio.comUser Authentication: Graphical User Authentication
fastword
Blue Moon Authentication
(myAGSES Services)
(Grid2Form™,
GridSoftToken™,
GridAdvanced™)
Session Juggler
BlueProximity
How unique are your usernames?Mobile Security and Privacy: TaintDroid AntiTaintDroid (ScrubDroid) DroidBox Android-Application-SandBox (AASandbox) Mobile-Sandbox Agrigento
(@GitHub)
Android-specific components of FlowDroid
DroidForce
AppAudit: Uncover Hidden Data Leaks in Apps
(@GitHub)
AppGuardian
ScanDal: Static Analyzer for Detecting Privacy Leaks in Android Applications
Intent Fuzzer
MindMac's IntentFuzzer
(@Github)
DroidBench
Stanford SecuriBench
(Stanford SecuriBench Micro)
UI/Application Exerciser Monkey
monkeyrunner
droidRunner
Dare: Dalvik Retargeting
Androguard
APKinspector
Dedexer
DECAF (Dynamic Executable Code Analysis Framework) + DroidScope
Simplify: Generic Android Deobfuscator
PlayDrone: A Measurement Study of Google Play
ProGuard
XSI-Android
Purple Robot
CopperDroid
EdgeMiner
Tracedroid
Dexter
SandDroid @ XJTU
Akana - Android App Interactive Analysis Enviroment
(Eacus)
PrivMetrics
PlayDrone
(@Github,
@archive.org)
Human vs. Security
Human Computation:
Crowdsourcing and Human Computation @ Google Groups
Journal of Artificial Intelligence Research's Special Track on Human Computation and AIHuman Interactive Proofs (HIPs) and Visual Analytics for Security: HIPs @ Aladdin.CMU
CAPTCHA
(
)
Visualisation work @ TREsPASS project
SecHCI
GATE (Graphic Access Tabular Entry)
SEa AUF Image ProjectSocial Engineering:
(
)
Jose Nazario's Phishing Corpus (Nov 2004 - June 2005)
Google Safe Browsing API
(Protocolv2Spec: Client specification for the Google Safe Browsing v2.2 protocol)
Report Suspected Phishing Sites to Symantec
UAB PhishIQ™ Tool
Phishing and Pharming Information Site
AA419 (Artists Against 419)
Identity Theft Surveys and Studies @ Privacy Rights Clearinghouse
Identity Theft @ Federal Trade Commission (US)
Putting an End to Account-Hijacking Identity Theft @ FDIC (US)
RSA Online Fraud Resource Center
Cisco IronPort Phishing Overview
(Security Labs, Attack Information Center)
(
)
Phishing Security Info @ Panda Security
proofpoint
(
)
(Security, Risk & Fraud)
Web Password Hashing (PwdHash)
(Netcraft Phishing Site Feed)
Privacy, Anonymity and Internet Censorship
Data Protection and Privacy Laws: DLA Piper Global Data Protection Laws of the World - World Map Data Protection and Privacy Legislation Worldwide @ UNCTAD Data protection around the world @ CNIL Data Protection Scholars Network (DPSN)
Projects, Campaigns and Working Groups: Privacy By Design (PbD) W3C Privacy Page (P3P: The Platform for Privacy Preferences) W3C Privacy Community Group (GitHub) W3C Data Privacy Vocabularies and Controls Community Group (GitHub; DPV - Data Privacy Vocabulary, DPV Primer, DPV-GDPR: GDPR Extension for DPV; GDPRtEXT; GDPRov) IETF Geographic Location/Privacy Working Group MozPETs: Mozilla Privacy Enhancement Technologies
(Anonymity Bibliography)
(Anonymity Bibliography)
PoliPoly: Privacy policy analysis demo
Organizations and Networks:
(
, Online Guide to Practical Privacy Tools)
Tactical Technology Collective (Tactical Tech)
International Network of Civil Liberties Organizations (INCLO)
Global Privacy Enforcement Network (GPEN)
OECD Working Party on Information Security and Privacy (WPISP)
(
)
The Economics of Privacy
spychips.com
Pandab
Privacy Enhancing Technologies and Products: UK CDEI's Privacy Enhancing Technologies Adoption Guide Mozilla - *privacy not included Companies, Start Ups and Projects in the Privacy Space @ Airtable.com
Onoin Routing
Vidalia
Talis (The Amnestic Incognito Live System)
Freegate
Obscure Me: A Toolbox for Online Privacy
Visual Privacy Advisor
PriBot
(Polisis,
PoliCompare)
OPP-115 Corpus (ACL 2016) + APP-350 Corpus (PETS 2019) + MAPS Policies Dataset (PETS 2019) + Government Privacy Instructions Corpus (ArXiv 2022) + Connections Between OPP-115 and the GDPR (JURIX 2020) + Opt-out Choice Dataset (WWW 2020) + Opt-out Choice Dataset (EMNLP 2017) + ACL/COLING 2014 Dataset + ASDUS Segmenting Tool
Princeton-Leuven Longitudinal Corpus of Privacy Policies (WWW 2021)
(GitHub;
Web frontend)
DMOZ-Privacy-Policy-Corpus-CODASPY21
Kuznetsov et al.'s dataset of privacy policies of IoT devices (Sensor 2022)
(Kuznetsov et al.'s crawler)
WebChoices: Digital Advertising Alliance's Consumer Choice Tool for Web US
Google Ads Settings
Microsoft Personalized Ad Preferences
Yahoo! Ad Interest Manager
BlueKai (Oracle) Consumers Opt-Out Page
AVG PrivacyFix
AVG PrivacyFix
(testing against the reference server)
Do Not Track
All About Do Not Track (DNT)
(GitHub;
PrivacyFlash Pro (NDSS 2021);
OptMeowt)
(
, 
)
EFF's Privacy Badger
Privacy Sandbox
PrivySeal
Privacy Budget
IBM Anonymization (EDDI) Library
AmIUnique
ASDUS (Automatic Segment Detection using Unsupervised and Supervised Learning)
(Vehicle Privacy Report™)
GenomePrivacy.org
International Workshop on Genome Privacy and Security
iDASH Privacy & security workshop
PrivacyAlert: a dataset for image privacy prediction (ICWSM 2022)
Internet Censorship and Control: Collections of Peer-Reviewed Papers on Internet Censorship and Control
Berkman Klein Center for Internet & Society at Harvard University
(
)
(Internet Freedom)
Golden Shield Project @ Wikipedia
(50 Key Stats About Freedom of the Internet Around the World)
Chinese Firewall Test @ ViewDNS.info