Abstract Understanding the end game of potential adversaries is the first step to modeling which attack vector(s) are likely to be the most profitable or least costly. Hacking activity may be motivated by gain, pain, or fear. Specific attack techniques are linked to challenges against specific security objectives (i.e., confidentiality, integrity, availability). For example, eavesdropping and aircracking are associated with confidentiality attacks. By analyzing attacker behavior in terms of market opportunity and the rational drive to maximize return of investment/effort, we can arrive at a better understanding of how to adapt prevention, detection, and control mechanisms to specific real-world contexts. Use case scenarios can capture insights about where the value resides that meets an attacker’s preference for acceptable risk, exploitable attack surfaces, planning/executing time horizon, available tools/skills, reasonable cost, and sufficient payoff. Keywords Hacker pr