This undated GCHQ presentation gives an overview of the agency’s use of hacking techniques, including an explanation of what it perceived the legal position to be at the time: see the InterceptHow U.K. Spies Hacked a European Ally and Got Away With It, 17 February 2018.
This NSA presentation from 16 July 2009 explains how the XKeyScore system supports the agency’s Tailored Access Operations: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
This NSA presentation from 15 October 2009 explains how analysts can exploit the products of the agency’s CNE hacking operations within XKeyScore and provides examples with screenshots: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
This undated page taken from GCHQ’s internal GCWiki cites the codename LEGSPIN (highlighted) also found in an analysis of Regin malware: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014.