Here on SecurityStreet, we get a lot of questions regarding penetration testing and how to evade various Anti-Virus programs detecting the work you're doing. Still, if you can't actually run a fully functional test, then you can't mimic the real world conditions that an attacker would take to try to get into and exploit your networks.

This guide: Security Guide: How to Evade Anti-Virus Detection, will help with how to best avoid that detection on the machines targeted by your Metasploit pen tests. Please note - this guide assumes some familiarity with Metasploit Pro and penetration testing in general.

Once you've read through the document, there's also an excellent Webinar, and a White Board Wednesday on this topic linked at the end of the document, for some additional insight and discussion.

Please let us know your feedback, ask any questions that we can clarify, and feel free to suggest other guides that might help with the specific security challenges you're facing day by day.