How do hackers find zero day exploits? What process is there for locating such a specific thing?

There are a lot of avenues that could lead someone to discover a zero day. It probably could occur as a more concerted effort when someone is specifically looking at certain features and trying to target that or it could result from more casual tampering.