Technology is advancing rapidly, and as a result the need for cybersecurity education is greater than ever. Penetration testing is an important skill for cybersecurity students to develop, but it can be difficult to gain practical experience in a safe and controlled way. This project addresses the need for accessible and engaging penetration testing resources by providing a vulnerable virtual machine (VM) that contains common Linux misconfigurations, alongside a scenario and challenge questions to assess the students, and a solutions manual for instructors. The VM contains vulnerabilities such as weak passwords, weak permissions, insecure credential storage, vulnerable cron jobs and misconfigured sudo privileges. There is also a flag to be found at root to give learners a clear objective. To make the lab more engaging, it follows a Beatles theme which is present throughout the scenario and the VM. The project followed a waterfall methodology, progressing from research and requirements gathering to design, implementation and testing. Overall, this project successfully fulfilled the aims it set out to achieve and the product is ready to be deployed as a teaching resource. All the relevant documentation and research is available in this report. Please note that the VMs are too large to upload to PATS but can be provided upon request.