What is the recommended approach instead of trying to bypass all AVs?


Multiple Choice

What is the recommended approach instead of trying to bypass all AVs?

Explanation:
In penetration testing, the first step when endpoint defenses are involved is to map the environment and understand what protections are in place. The recommended approach is to conduct reconnaissance to determine which antivirus product is deployed on the target and which version it is running. With that knowledge, you can plan the assessment within the rules of engagement, choose or design safe, vendor-supported test methods, and tailor your testing to that specific AV's detection capabilities. This keeps the engagement ethical and legal while still evaluating how the defense functions and how it affects your testing approach.

Trying to acquire and weaponize the AV to defeat it crosses into creating or using malware, which is unsafe and typically outside the sanctioned scope. Reconfiguring a firewall or installing a new OS addresses different controls or changes the target environment rather than the specific AV's behavior, and would also require separate approvals.

