Let's say we have a modern system and when we drop a malicious executable onto that system, we get caught.  We can use a technique called "process injection" which will inject our malicious code into the memory space of a running process.  To show how effective this technique is, we're going to use a meterpreter reverse shell on a Windows 10 system with Defender enabled.  

If you're not familiar with Canarytokens, they are web bugs that you can embed into various forms.  From their website:  "You'll be familiar with web bugs, the transparent images which track when someone opens an email. They work by embedding a unique URL in a page's image tag, and monitoring incoming GET requests.  Imagine doing that, but for file reads, database queries, process executions or patterns in log files. Canarytokens does all this and more, letting you implant traps in your production systems rather than setting up separate honeypots."

From the Hack the Box website:  "What Are Pro Labs -- Interactive, hands-on, complex scenarios that give players the chance to penetrate enterprise infrastructure and hone their offensive engagement skills. Pick any of our Pro Labs, own it, and get your certificate of completion."