About

Built for the tester, not the buyer.

PTVault exists because every other evidence manager either lives in the cloud, sells your data, or charges per seat. None of those are options when you're on a client site that runs an air-gapped network.

Three opinions, baked in

  1. Local-first. Your data is on your machine. No cloud sync. No telemetry. No analytics scripts. PTVault is a self-contained binary; it doesn't talk to a backend you don't run.
  2. Cryptographically licensed. Pro is unlocked with an RSA-2048 signed license key. The private signing key never leaves the developer. The binary ships with only the public key — even with full source-code access, you can't forge a valid Pro key.
  3. Air-gap ready. PTVault runs as a single PyInstaller binary, ships with SQLite under the hood, and never needs a network connection. Drop it on a Kali VM with no internet and it works.

The license model in one snippet

License key — format

PTV2-<base64url-payload>.<base64url-signature>

# Payload (signed):
# { "t": "pro", "o": "ACME Corporation",
#   "e": "2027-12-31", "i": "2026-02-24" }

Curious about how the licensing model holds up? See the License System doc for the full threat model.
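An added sketch of the sign/verify split behind that key format, not PTVault's own code: it assumes RSASSA-PKCS1-v1_5 with SHA-256 over compact JSON (the page states only RSA-2048 and the PTV2 layout). The function names and the key pair generated at run time are constructed for illustration.

```python
import base64, hashlib, json, secrets
from datetime import date

SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")  # DigestInfo, RFC 8017

def b64u(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
def unb64u(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def emsa(msg, k):  # EMSA-PKCS1-v1_5 block for a k-byte modulus
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def keygen(bits=2048, e=65537):  # throwaway demo key, NOT PTVault's
    def prime():
        while True:  # Fermat test: acceptable for random demo candidates only
            p = secrets.randbits(bits // 2) | (3 << (bits // 2 - 2)) | 1
            if p % e != 1 and all(pow(a, p - 1, p) == 1 for a in (2, 3, 5, 7)):
                return p
    p, q = prime(), prime()
    return p * q, e, pow(e, -1, (p - 1) * (q - 1))

def issue(claims, n, d):  # developer side: needs the private exponent d
    body = json.dumps(claims, separators=(",", ":")).encode()
    k = (n.bit_length() + 7) // 8
    sig = pow(int.from_bytes(emsa(body, k), "big"), d, n).to_bytes(k, "big")
    return f"PTV2-{b64u(body)}.{b64u(sig)}"

def verify(key, n, e, today):  # binary side: public (n, e) only
    k = (n.bit_length() + 7) // 8
    try:
        body, sig = (unb64u(part) for part in key[5:].split("."))
        s = int.from_bytes(sig, "big")
        if key[:5] != "PTV2-" or len(sig) != k or s >= n:
            return None
        if pow(s, e, n).to_bytes(k, "big") != emsa(body, k):  # compare whole block
            return None
        claims = json.loads(body)  # parsed only after the signature checks out
        return claims if date.fromisoformat(claims["e"]) >= today else None
    except (ValueError, KeyError, TypeError):
        return None

def demo():  # constructed sample using the payload values from the snippet above
    n, e, d = keygen()
    key = issue({"t": "pro", "o": "ACME Corporation", "e": "2027-12-31", "i": "2026-02-24"}, n, d)
    body, sig = key[5:].split(".")
    edited = f"PTV2-{b64u(unb64u(body).replace(b'2027', b'2099'))}.{sig}"
    today = date(2026, 3, 1)
    return verify(key, n, e, today), verify(edited, n, e, today), verify(key, n, e, date(2028, 1, 1))
```

demo() returns the claims for the genuine key, then None for the key whose expiry was edited without re-signing, then None for the genuine key checked after its expiry date.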

Who's behind it

PTVault is built by Kevin Riley — pentester, sysadmin, and tired-of-paying-for-Dradis customer. If you've got feedback, the contact page has the lines that get read.