A major security hole is and will always be the human element, if you walk into a company the first response from the people around should be who are you, do you belong; but it's not. Everyone is often to scared to challenge people out of fear. This being a fact opens up a big section for Ethical hackers and "Evil" hackers alike. I want to tell you first that body language is 90 percent of communication. If you can master your body language you will throw less red flags when you are physically penetrating a company. Not only will you portray confidence you will learn how other people use their body language. There is an awesome book written by Joe Navarro called What every BODY is saying He goes into detail about reading people in a very quick manner.
Next, do your research. Know everything about this company. Know it better than the workers there.
If you can know there network, what there badges look like, names of all the higher ups; ideally their faces, and know the floor layout for the most part. The more you know the better. You will look like you fit in better.
Next step, really, is to act like you belong if you are trying to break in somewhere, if you are trying to catch someone look for the guy walking behind people to get into secured access, or getting to know everyone around, or god forbid, please challenge the guy with the big ass computer equipment sticking out of his bag. I shit you not there are some companies that won't even question shit like that. The pentesters fit themselves in so well and the employees are that lacking.
And the last note to remember I guess for this brief tut is to remain calm. If you are all nervous that is an instant red flag. You are not going to get caught if you can keep a cool head. Its a lot like a game. Just be the better player.
Research, Read people, Fit in, stay calm. Pretty easy. The more you do it the better you will become
Cheers,
Revall
Want more to the tut comment bellow or join us in the IRC.