Attack classification does represent a crucial activity in different security areas. During security assessment, it makes it easier to define which attacks must be performed. When conducting threat modeling activities, it simplifies the definition of attack graphs. Many works have addressed the attack taxonomy problem, by introducing different ways to classify attacks. However, these classifications are centered around vulnerabilities and have all been designed from the point of view of those defending a system. Nowadays, companies have a growing interest in Penetration Testing activities, as they have proven effective in detecting vulnerabilities. Penetration testers perform their activity by focusing on goals rather than attack types. In this paper we introduce a “goal-centric” methodology to classify attacks in terms of Hacking Goals.