NIKKEPwned is a Password Manager for NIKKE, it uses localStorage and simulating nikke_launcher
The motivation of this project is simplified login process, allowing users interacts each accounts quickly and effortlessly. Thanks to @neutralinojs/neutralinojs for its streamlined JS/TS bindings.
- NIKKEPwned
Managing multiple accounts can be frustrating and inefficient, especially when you need to log in manually one by one. For users who frequently switch between multiple accounts, constantly entering login information can be a repetitive and tiresome task.
This extension was designed to simplified login process, automate the login process, allowing users to log in to their accounts quickly and effortlessly. Instead copying pasting or manually typing credentials every time, this tool handles the process for you, saving time and reducing errors. By streamlining account management, this tool makes switching between accounts seamless and efficient, eliminating the hassle of repetitive logins. Whether you're managing a handful of accounts or dozens, this tool ensures a smoother, faster, and more convenient login experience.
64-bit editions of Microsoft Windows 11 or Microsoft Windows 10Other environments have not been tested; additional testing and feedback are welcome.
- You should turn-off antivirus
- You should do some exception things or exclusion
- (if your antivirus scanning this tool however)
- Read more: this tool flagged as potential malware
- You should do some exception things or exclusion
- Get the latest build version from the release page You only need nikkepwned-release.zip.
- Unzip it, or extract it "as folder" somewhere in your computer
- Open
nikkepwned-win_x64.exewith Run as Administrator- Read more: Limitations for clearly explanation.
- Edit launcher location where
nikke_launcher.exelocated, then select.- Input accounts as JSON
- If success then select corresponding account
- Proceed auto login
| NOTE: After nikke launcer opened and the automation runs, You should depends on it, do not arbitrary clicks or tabs while login process still running. Just wait until complete I added a small delays to avoid abuse and misleading usage. |
Started from 4.0.1-indev: this tools has automated created websocket connection to Discord Rich Presence. If you willing to disable it check your task manager and kill it manual.
| Feature | Description |
|---|---|
NIKKE LauncherPath |
Specifies the location of nikke_launcher.exe required for the tool to operate. |
JSON Input |
Allows entry of account credentials in JSON format. Refer to Inputting Data for details. |
Account Selection |
Provides a dropdown list of registered accounts for selection. |
Login Execution |
Initiates an automated login process by simulating nikke_launcher without requiring user interaction. |
| Feature | Description |
|---|---|
Account Removal |
Removes the selected account from the tool. |
Switch Delay |
Defines the delay between account switches. Default: 5 seconds (Range: 1–8 seconds). |
Login Delay |
Sets a delay before login attempts to prevent excessive requests. Default: 5 seconds (Range: 1–8 seconds). |
Activity Logs |
Displays operational logs, including login attempts, path updates, and delay configurations. |
Data Purge |
Permanently deletes all stored data within the tool. |
Rapidfire test |
Performs rapid or double-click mouse input tests (macro validation). |
This tool uses JSON and supports two types of input here's the example:
🟢 Single Input (Object Format)
Use this format when inputting one by one account:
{
"nickname": "FUFUFAFA",
"email": "foobar1@gmail.com",
"password": "asuasu123"
}🔵 Multiple Input (Array Format)
Use this format when inputting multiple accounts at once:
[
{
"nickname": "FUFUFAFA",
"email": "foobar1@gmail.com",
"password": "asuasu123"
},
{
"nickname": "FUCEKGIBRAN",
"email": "foobar2@gmail.com",
"password": "asuasu123"
},
{
"nickname": "WHATEVER",
"email": "foobar3+2@gmail.com",
"password": "asuasu123"
}
]If there's an errors watch your step again then..
- You should not change or rename the PROPERTY
nickname,email, andpassword - You only supposed to change its VALUE
Started from 4.0.1-indev: this tool has image reasoning and consuming some LLMs.
You probably don't wanna calculate it manually, and there's always inconsistency between mock battles and real battles (damage values differ — blame NIKKE though), especially in UnionRaid Hard mode which is tons of HP and where exact damage dealt values aren't displayed. NIKKEPwned handle it and check the total damage using image reasoning. It's quite simple: when the battle is about to end at 00:00 or 00:01, press ESC to pause and then assign F8 before registering real damage to ensure accurate results.
Battlefield screen at 00:01 or 00:00 before registering actual damage.
Press ESC to pause, then assign F8 to perform image-reasoning and extract damage data. When assigned, You can make notification keep visible by pressing Win + N.
nvidia/nemotron-nano-12b-v2-vl:free is recommended based on internal tests. It demonstrates faster response times and more consistent accuracy. If everything working as expected you can continue to nikke and registering actual damage otherwise keep retry or regroup.
| Step | Description |
|---|---|
API Key |
Enter your OpenRouter API key to enable access to available models. |
Vision Models |
Default nvidia/nemotron-nano-12b-v2-vl:free. |
Save Configuration |
Save and apply the current configuration. |
Battlefield NIKKE |
Open a battlefield (vs-boss) NIKKE combat screen. |
Trigger Analysis |
Press ESC to pause, then press F8 to initiate damage extraction. |
View Results |
Upon completion, access the results via Windows notifications (Win + N). |
const OPENROUTER_MODEL_POOL = [
"nvidia/nemotron-nano-12b-v2-vl:free",
"google/gemma-4-26b-a4b-it:free",
"google/gemma-4-31b-it:free",
"nvidia/nemotron-3-super-120b-a12b:free",
"minimax/minimax-m2.5:free",
"arcee-ai/trinity-large-preview:free",
"liquid/lfm-2.5-1.2b-thinking:free",
"liquid/lfm-2.5-1.2b-instruct:free",
"nvidia/nemotron-3-nano-30b-a3b:free",
"qwen/qwen3-next-80b-a3b-instruct:free",
"nvidia/nemotron-nano-9b-v2:free",
"openai/gpt-oss-120b:free",
"openai/gpt-oss-20b:free",
"z-ai/glm-4.5-air:free",
"qwen/qwen3-coder:free",
"cognitivecomputations/dolphin-mistral-24b-venice-edition:free",
"google/gemma-3n-e2b-it:free",
"google/gemma-3n-e4b-it:free",
"google/gemma-3-4b-it:free",
"google/gemma-3-12b-it:free",
"google/gemma-3-27b-it:free",
"meta-llama/llama-3.3-70b-instruct:free",
"meta-llama/llama-3.2-3b-instruct:free",
"nousresearch/hermes-3-llama-3.1-405b:free",
];While multiple models are supported nvidia/nemotron-nano-12b-v2-vl:free is recommended based on internal testing. It demonstrates faster response times and more consistent accuracy, with reduced hallucination in image-based reasoning tasks.
Check workflows and the whole build script on
package.json
| NOTE: NodeJS 20.x or higher |
If you prefer to build the project manually, follow these steps:
git clone https://github.com/ScathachGrip/nikkePwned.git
cd nikkePwnedYou can check build script on package.json for the step by step.
This tool must be run as Administrator to function correctly because:
- Simple, I just want to be automated.
- It simulates keystrokes, which requires elevated permissions.
- Opening NIKKE launcher triggers User Account Control (UAC) prompt otherwise the flow will broke
Read more: LIMITATIONS.md for clearly explanation.
Security Notice. For transparency, this application was analyzed by multiple third‑party scanning and sandboxing services. Detection engines may sometimes classify the binary as suspicious because it launches PowerShell commands through <Neutralino.os.execCommand()> and issues simulated keystrokes to interact with the UI (e.g., [System.Windows.Forms.SendKeys]::SendWait). These actions are implemented solely to automate legitimate user interactions (automated login for the NIKKE client) and not for credential harvesting, persistence, or remote access. Such automation patterns can match behavioral signatures used by endpoint protection products; therefore, if you encounter a positive detection, treat it as a potential false positive and consult the linked scan reports or contact the AV vendor for a formal false‑positive review.
Q: Is this safe?
Yes, my code is fully transparent, I even write it with sweet and readable COMMENTS to make more casual or entry level can understand. You can check the source yourself—take a look at app.ts and websocket.ts. There are no hidden scripts or anything suspicious.
Q: I'm still unsure. Do I have to use it?
I completely understand your concern. Here's a simple way to decide:
- You can if you value simplicity and convenience.
- Avoid it
If you FOMOif you security concerns outweigh your need for ease of use.
All code is transparently written and documented in this GitHub repository, with all binary bundles generated through GitHub CI (Continuous Integration). There are no hidden scripts or encrypted stuff. There would be no reason for me to do otherwise.
en_US • NYIKKE "powned" /poʊnd/ */ or "pawned" (/pɔːnd/) — Both mean getting wrecked; "powned" rules gaming slang, while "pawned" sneaks in as an alt take.
This tool can be freely copied, modified, altered, distributed without any attribution whatsoever. However, if you feel like this tool deserves an attribution, mention it. It won't hurt anybody.
Licence: WTF.