I love Mimikatz. Getting credentials in cleartext is always a good feeling. More often then not during a pentesting engagment, I will inevitably run into some sort of antivirus. This can occasionally slow me down. Often, if its a local solution, I can kill the service, and continue on my merry way. Some enterprise solutions are much trickier, however.
While researching different possibilities online, I found an article from the super team over at BHIS, describing my exact problem. That article can be found here: https://www.blackhillsinfosec.com/bypass-anti-virus-run-mimikatz/. Essentially, they went about modifying the Invoke-Mimikatz.ps1 file to avoid AV detection.
I wanted a place online where I could upload and edit my version of the Invoke-Mimikatz.ps1, using the guidlines in the article.
CREDITS
Article was written by Carrie Roberts of BHIS https://www.blackhillsinfosec.com/bypass-anti-virus-run-mimikatz/
Mimikatz was written by Benjamin Delpy https://github.com/gentilkiwi/mimikatz
Invoke-Mimikatz.ps1 was written by the PowerSploitMafia team https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/Invoke-Mimikatz.ps1