v1.0.0

First stable release.

Added

• SKA bootstrap attack (ska): a captured Shared-Key auth handshake seeds the shared PTW vote over the BSSID's pool and the recovery is credited to SKA, so keys_by_ska now reflects handshake-bearing cracks. It runs first but only when a handshake is present, and it bootstraps the statistical search rather than being a standalone cipher break.

Changed

• Parallel capture discovery -- a metadata-only directory walk followed by a parallel magic-filter, replacing the serial per-file open before ingest; traversal order is preserved, so the merged result stays deterministic.
• Lower ingest-time peak memory -- a BSSID's WEP attack material is boxed and allocated only for WEP networks, so the WPA/open/unknown majority of records stay small.
• Bounded diagnostics at scale -- --debug summarises the top WEP BSSIDs plus a one-line census and a periodic ingest heartbeat (not a line per BSSID or file); --log coalesces repeated identical events per file into a single count=N line.
• WEP summary lists every network at or above the WEP-40 unique-IV feasibility floor (or cracked) and collapses the thin tail into a count.
• Per-BSSID crack time -- the reported seconds is the wall-clock actually spent cracking a network, not the time from the start of the attack phase.
• Fair per-attack scheduling -- the per-BSSID time budget is split into an equal slice per runnable statistical attack, so a slow earlier attack can no longer starve PTW/KoreK/FMS/bias of their turn.
• --time-budget now defaults to 60s and bounds the statistical sweep and the brute grind alike; --time-budget 0 disables the cap (unlimited) for both.
• Reuse the packet data buffer across reads during ingest, avoiding a heap allocation per packet.

See the CHANGELOG for full details.

Passive and offline: WEPWolf reads capture files only -- it never captures traffic, injects frames, or touches a radio.