The best way to look at the exploit process is to look at examples.

A couple of great books to read (I did the audio books) for how the end to end exploit process works in some real world examples are Sandstorm (First state sponsored (allegedly Russia) cyber attack on civilian infrastructure (Ukrainian power plants), countdown to zero day (Stuxnet – attack of Iranian centrifuges and first state sponsored attack crossing boundaries from cyber world to the physical world). Another great audio book on a 50k foot view on the history of espionage that puts a lot of global events into context is Cyberspies by Gordon Corera.