i'm not exactly sure what is being asked as far as the type of 'hacking', but one approach is to make use of weak package references and utilizing your own classes where vulnerable, or possibly even substituting classes if the possibility exists. additionally, this sometimes requires modifying the classpath.

in the context of a web applet, everything is still run under the security manager and policy, barring a signed applet...which may not be saying much depending on the runtime environment.