I always comment when people say how TV shows make hacking look so easy, that I think they're not too far off when the "hackers" are state-sponsored. Part of the benefit of compartmentalizing things like tool/exploit-dev from ops is you get good tooling that you just point and shoot and it mostly works.

With enterprise/corporate red-teaming you have to work for it a lot, update your tooling, attacks, etc... do a lot of recon. But even then, even in companies that take security seriously and pay for it too, experienced pros spend a few days and get domain-admin (or equivalent) half the time. And I'm talking about in 2025 with everyone and their mom running EDR that have only gotten better over time (in my opinion).

The CIA's tools probably don't have flashy graphics, but even the ones that were leaked a while ago give a good insight into things.

https://github.com/secoba/CIA-Hacking-Tools

I can imagine an experienced operator automating things quite a bit, and when you give them a target, they'll just run a few commands, wait a some time and get a shell with lots of powerful capabilities.

Matter of fact, I think they don't show enough "easy hacking" in the movies, where you take over hospitals, government agents, courts ,etc.. in a matter of minutes and start snooping around, or just wipe them out. That would feel unbelievable to movie/tv audiences so they lave it out.