If you decide to start packet sniffing you might also want to attack it from the other side at the same time by decompiling or disassembling the Java applet. Java decompiles very well, thanks to its relatively high-level bytecode. Unless it has been obfusticated you can often get quite close to the original source code using tools like JODE. Or you can just look at the bytecode directly with the standard JDK disassembler, javap.